Date: Mon, 22 May 2000 11:33:49 +0200 From: Udo Schweigert <ust@cert.siemens.de> To: Alfred Perlstein <bright@wintelcom.net> Cc: Shadi Fazelian <sh_fazelian@yahoo.com>, hackers@FreeBSD.ORG Subject: Re: please hellllllllllllp me! Message-ID: <20000522113349.A74728@alaska.cert.siemens.de> In-Reply-To: <20000522025901.T28097@fw.wintelcom.net>; from bright@wintelcom.net on Mon, May 22, 2000 at 02:59:01AM -0700 References: <20000522085452.23895.qmail@web4207.mail.yahoo.com> <20000522025901.T28097@fw.wintelcom.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, May 22, 2000 at 02:59:01 -0700, Alfred Perlstein wrote: > * Shadi Fazelian <sh_fazelian@yahoo.com> [000522 02:31] wrote: > > Hello. > > please guide me: > > 1- how I can see a hidden file (not dot file) and how > > I can hidden a file ? > > my mean: I want make a file that ls -al can't see it. > > impossible(*) afaik. > > > > > 2- how I can write somthing in a file that nobody can > > see them > > my mean: in crontab adding some command that this is > > hidden. > > impossible(*) afaik. > > > > > 3- how I can run somthing in background that ps can't > > see it. > > impossible(*) afaik. > > > > > please guide me. hackeres attack my servers and I > > don't know how he/she can. > > (*) see: http://www.rootkit.com/ > and: http://www.rootkit.com/whitepapers.shtml > 1- and 3- are possible, if the attacker can change the installed versions of ls and ps to his own, compromised versions. Regards -- Udo Schweigert, Siemens AG | Voice : +49 89 636 42170 ZT IK 3, Siemens CERT | Fax : +49 89 636 41166 D-81730 Muenchen / Germany | email : ust@cert.siemens.de PGP-2/5 fingerprint | D8 A5 DF 34 EC 87 E8 C6 E2 26 C4 D0 EE 80 36 B2 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000522113349.A74728>