Security Incidents mailing list archives
RE: SSH compiled with backdoor
From: "Chain, David (NA ITRC Team Lead)" <david.chain () hp com>
Date: Fri, 2 Sep 2005 13:33:39 -0700
VI is much better than PICO.. But chances are, if he is looking to do something harmful, it will be embedded deeper then in the java libraries. David. -----Original Message----- From: james () securityfocus com [mailto:james () securityfocus com] Sent: Friday, September 02, 2005 1:05 AM To: incidents () securityfocus com Subject: Re: SSH compiled with backdoor it's quite interesting. Although i can't find any reason for these commands. mkdir /lib/java cp /usr/sbin/sshd a mv a /lib/java It might be that he wants to come back and do something with it. Anyone? (btw, why not delete pico from your system and intall vi(m)... he might get pissed and leave. ) cheers.
Current thread:
- Re: SSH compiled with backdoor Peter Kosinar (Sep 01)
- Incident legal plan?? Jason Burton (Sep 02)
- RE: Incident legal plan?? dave kleiman (Sep 03)
- RE: Incident legal plan?? Michele Jordan (Sep 07)
- <Possible follow-ups>
- Re: SSH compiled with backdoor [no-spam-plz] (Sep 02)
- RE: SSH compiled with backdoor Chain, David (NA ITRC Team Lead) (Sep 02)
- Incident legal plan?? Jason Burton (Sep 02)