Date: Wed, 01 Aug 2001 20:16:50 +0400 From: "Maximum" <m-a-x-i-m-u-m@mail.ru> To: mschlosser@eschelon.com Cc: freebsd-security@freebsd.org Subject: RE: Trojan injected in my Freebsd 4.1-RELEASE Message-ID: <E15Ryfy-00057g-00@f4.mail.ru>
next in thread | raw e-mail | index | archive | help
>If all you want to do is play with the hacker I want to find the way hacker injected trojan and close that backdoor. Simple restoring clean binaries will not help me understanding that way. <skip> >the other person might notice, do things quietly secretly. Stick >the machine on a hub with another machine and have that machine >sniff for traffic on that port. Then the person will not see you >looking for them. With luck, you can build a sandbox around them >without their knowledge. Could be a fun project. Problem is that my box placed as colocated server far faraway from me in another country and I have no physical access to computer. So only thing I can do is run my own watching programs. >nrfbsdrk v0.1 by gREMLiNs means rootkit. This person doesn't seem >very good since your security report told you they were there. >Probably script kiddie turned dorm rat. Hope you right because I can't have this server lost. Also I hope hackers do not subscribed to this maillist :) Maxim Sorokin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E15Ryfy-00057g-00>