Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: A friend's cable modem Linux machine just got compromised
From: "William N. Zanatta" <william () veritel com br>
Date: Thu, 02 May 2002 10:12:45 -0300
I'll take my guess: Beastkit. Following, there is an analysis of a RH 7.2 compromised box, take a look there and compare your friend's system. 

http://cert.uni-stuttgart.de/forensics/rootkits/beastkit.en.php

William Zanatta
-=[ "When you know Slackware you know Linux. When you know Red Hat, all you know is Red Hat" ]=- 


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]