Security Incidents mailing list archives
Re: msamba
From: Tobias Klein <tobias.klein () ewetel de>
Date: Fri, 25 Apr 2003 12:06:02 +0200
this files are infected with the linuxOSF8759 trojan ive tried to clean the file with the tools last posted "vaccine.c" but the files are still infected the right tool for cleaning the files is: http://packetstormsecurity.nl/trojans/clean-osf.8759.tgz - newroot At 10:14 22.04.2003 -0500, noconflic wrote:
> > 8. I haven't contacted anyone because I don't have any hard evidence of > where the intrusion came from. The cahcepu.net appears to be run by the > guy who tried to get in anyway so I didn't feel it was too worthwhile. > > Once again, thanks for everyone's comments! > > Cheers, Steve >Probably get flamed for sending these but, Like others, I like to keep track of what is being used in the wild. Who ever is resposible, it looks like they have been pretty busy.http://www.cahcepu.net/dhegleng/root-logs.txt At the bottom it looks like there are other "Auto rooters" there. http://www.cahcepu.net/dhegleng/mass-slamet.tar.gz http://www.cahcepu.net/dhegleng/massplo.tar.gz http://www.cahcepu.net/dhegleng/local.tar.gz Hope this helps. - nocon ---------------------------------------------------------------------------- Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. http://www.securityfocus.com/BlackHat-incidents ----------------------------------------------------------------------------
----------------------------------------------------------------------------Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. http://www.securityfocus.com/BlackHat-incidents ----------------------------------------------------------------------------
Current thread:
- msamba Steve Bromwich (Apr 21)
- Re: msamba Paulo Abrantes (Apr 21)
- Re: msamba William Salusky (Apr 22)
- Re: msamba noconflic (Apr 22)
- Re: msamba Nikola Pepelishev (Apr 22)
- Re: msamba Steve Bromwich (Apr 22)
- Re: msamba noconflic (Apr 23)
- Re: msamba Tobias Klein (Apr 25)
- Re: msamba noconflic (Apr 23)