lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
From: kernelclue at hushmail.com (kernelclue@...hmail.com)
Subject: Rootkit

Um, what operating system are you talking about?  What remote root exploits?

If it's a Linux variant, strings is your friend.

Also, I'm not sure if this is the proper forum for this type of question.
 One of the Security Focus mailing lists seems more appropriate.


On Fri, 26 Sep 2003 13:57:14 -0700 David Hane <dlhane@...global.net>
wrote:
>Hi all,
>
>I recently had a machine get hacked before I could finish installing
>all the 
>damn remote-root exploit patches that have been released in the
>last week.
>I've done the forensics and I know how they got in and what they
>did but I 
>would like to know what rootkit they used.
>
>Can anyone recommend a good scanner or info site where I can compare
>some of 
>the binaries I saved (the machine has been wiped)?
>
>Also, am I the only one who is totally exhausted from trying to
>keep up with 
>the last couple of week's patch frenzy? I would have had my last
>server 
>patched before the attack but things like, sleep, food, and bathroom
>time got 
>in the way :-)
>
>Thanks for the help,
>
>Dave
>


Powered by blists - more mailing lists