Date: Thu, 10 Oct 2002 14:19:57 +0400 From: "Nickolay A. Kritsky" <nkritsky@internethelp.ru> To: Dragos Ruiu <dr@kyx.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re[2]: Sendmail trojan...? Message-ID: <168272775470.20021010141957@internethelp.ru> In-Reply-To: <200210091327.18139.dr@kyx.net> References: <3DA3AE76.1070006@deevil.homeunix.org> <20021009142546.GA27227@darkstar.doublethink.cx> <20021009080341.A26616@zardoc.esmtp.org> <200210091327.18139.dr@kyx.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello Dragos, Wednesday, October 09, 2002, 5:27:18 PM, you wrote: DR> Where is the best collection of forensic information about DR> this so the method can be understood and effects checked DR> for? The CERT advisory mentioned trojaned versions "contain DR> malicious code that is run during the process of building the DR> software." It was less than illuminating about the method DR> after that. You can obtain additional info about sendmail's backdoor here: From: netmask <netmask@enZotech.net> Anyhow, I have made the backdoor'd sendmail code available at http://www.enzotech.net/files/sm.backdoor.patch and the base64 portion is decoded at http://www.enzotech.net/files/sm.backdoor.base64.txt ;------------------------------------------- ; NKritsky ; mailto:nkritsky@internethelp.ru To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?168272775470.20021010141957>