Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

new SunOS 5 rootkit? (fwd)
From: Alan Thew <Alan.Thew () liverpool ac uk>
Date: Thu, 14 Feb 2002 10:26:26 +0000 (GMT)
Anyone seen this before? contains trojaned ls, netstat, ps and others.
In addition on port 5654 , Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
SSH-1.5-1.2.25

is installed and setup to start at reboots etc...

Thanks

-- 
Alan Thew
FAX: +44 151 794 4442

---------- Forwarded message ----------
     #
    #
   #   #
    # # #       RootKit fr SunOS
 #   #   #      (C) Adolf Hitler / NSDAP
  # # #
   #   #          English version.. for you scriptkids.
      #
     #

988113360






----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]