Security Incidents mailing list archives
Re: Port 109 Mystery
From: Douglas Brown <dugbrown () email unc edu>
Date: Thu, 13 Mar 2003 10:54:00 -0500
Thanks to all who wrote to me off list - I've provided the administrator with another laundry list to follow. The consensus seems to be that this is a "Windows Kernel root kit", booting the server in safe mode should help tracking it down. As I get more details from the folks on the ground I'll provide them back to the list. Thanks again to everyone, -Doug -- Douglas Brown, CISSP Manager of Security Resources UNC Chapel Hill Abernethy 105 "what can Brown do for you?" ---------------------------------------------------------------------------- <Pre>Lose another weekend managing your IDS? Take back your personal time. 15-day free trial of StillSecure Border Guard.</Pre> <A href="http://www.securityfocus.com/stillsecure"> http://www.securityfocus.com/stillsecure </A>
Current thread:
- Port 109 Mystery Douglas Brown (Mar 12)
- Re: Port 109 Mystery Loki (Mar 12)
- RE: Port 109 Mystery James C Slora Jr (Mar 13)
- Re: [unisog] Port 109 Mystery Andy Polyakov (Mar 13)
- <Possible follow-ups>
- Re: Port 109 Mystery Douglas Brown (Mar 13)