Security Incidents mailing list archives

Re: ftp warez server snake ?

From: H Carvey <keydet89 () yahoo com>
Date: 8 Dec 2004 14:02:32 -0000

In-Reply-To: <200412072214.18019.andreas () inferno nadir org>

Anyone recognize this one?


Given how easy these things are to manipulate, it could be anything.

I know you said that you don't have physical access, but do you have remote admin access, or know someone who does?  If 
so, could you get copies of the executable image files for these processes, perhaps any configuration files, dumps of 
process memory, etc?  These would go a long way toward helping you figure out what this stuff is.

H. Carvey
http://www.windows-ir.com
http://windowsir.blogspot.com

Current thread:

ftp warez server snake ? Andreas Putzo (Dec 07)
- Re: ftp warez server snake ? Peter Moody (Dec 07)
  - Re: ftp warez server snake ? Andrew Smith (Dec 08)
    - Re: ftp warez server snake ? Andreas Putzo (Dec 08)
  - Re: ftp warez server snake ? M. Shirk (Dec 08)
- Re: ftp warez server snake ? Bob User (Dec 08)
- <Possible follow-ups>
- Re: ftp warez server snake ? H Carvey (Dec 08)