Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Devil Linux has NO irc bots onboard
From: Victor Grishchenko <gritzko () plotinka ru>
Date: Fri, 20 Oct 2006 20:47:04 +0600

Hi!

Just to confirm that we found traces of the actual intrusion. There  
are no IRC bot in Devil Linux 1.2.10 distro. Sorry for my previous  
mail. It was just a coincidence of coincidences both of technical and  
human nature.

Namely, there was an intrusion to a DL host not exposed to the  
internet (low-probability event) made in a short timeframe from  
reboot to the moment the bot was discovered (l-p event). The  
intrusion was made via a chain of DMZ/intranet hosts (lpe). Also, our  
proxy cached a zero-size page for devil-linux.org for unknown reason  
(lpe). There were also other low-probability events.

Devil Linux is OK, we are going to use it in production after  
performing all the necessary exorcism procedures.



                                        Victor

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]