Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: ingreslock message
From: hektor () RZ RWTH-AACHEN DE (Jens Hektor)
Date: Mon, 13 Mar 2000 18:36:39 +0100

Hi,

"Ex Machina [xm]" wrote:


I've seen this recently as the default command in in the adm-bind_exp.c
(ADM named 8.2/8.2.1 NXT
remote overflow). It simply started another inetd using a config in
/tmp/bob which was immediately deleted afterwards.


this is was we see *very* often, becuse it´s simpler, a compiled-in 
backdoor is less frequent.

Bye, Jens

-- 
Jens Hektor, RWTH Aachen, Rechenzentrum, Seffenter Weg 23, 52074 Aachen 
Computing Center Technical University Aachen, firewalls/network security
mailto:hektor () RZ RWTH-Aachen DE, Tel.: +49 241 80 4866 
Private: Rochusstr. 26, D52062 Aachen, Fon: +49 241 29888, Fax: % 29889

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]