Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Devil Linux has NO irc bots onboard
From: Victor Grishchenko <gritzko () plotinka ru>
Date: Fri, 20 Oct 2006 20:47:04 +0600


Just to confirm that we found traces of the actual intrusion. There  
are no IRC bot in Devil Linux 1.2.10 distro. Sorry for my previous  
mail. It was just a coincidence of coincidences both of technical and  
human nature.

Namely, there was an intrusion to a DL host not exposed to the  
internet (low-probability event) made in a short timeframe from  
reboot to the moment the bot was discovered (l-p event). The  
intrusion was made via a chain of DMZ/intranet hosts (lpe). Also, our  
proxy cached a zero-size page for devil-linux.org for unknown reason  
(lpe). There were also other low-probability events.

Devil Linux is OK, we are going to use it in production after  
performing all the necessary exorcism procedures.


Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]