|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Cracked; rootkit - entrapment question?
From: Dave Dittrich (dittrich
CAC.WASHINGTON.EDU)Date: Thu Mar 02 2000 - 23:00:13 CST
- Next message: Greg A. Woods: "Re: home: Is *anyone* really home there???"
- Previous message: Mike Fratto: "Re: Cracked; rootkit - entrapment question?"
- Next in thread: Craig H. Rowland: "Re: Cracked; rootkit - entrapment question?"
- Maybe reply: Dave Dittrich: "Re: Cracked; rootkit - entrapment question?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> The cracker installed what appears to be Linux Rootkit 4, and I'm
> diligently removing all of the binaries as we speak...
As to the rootkit, I have a paper on them that might help:
http://staff.washington.edu/dittrich/misc/faqs/rootkits.faq
-- Dave Dittrich Client Services dittrich<a href="http://www.washington.edu/People/dad/"> Dave Dittrich / dittrich
PGP 6.5.1 key fingerprint: FE 97 0C 57 08 43 F3 EB 49 A1 0C D0 8E 0C D0 BE C8 38 CC B5
- Next message: Greg A. Woods: "Re: home: Is *anyone* really home there???"
- Previous message: Mike Fratto: "Re: Cracked; rootkit - entrapment question?"
- Next in thread: Craig H. Rowland: "Re: Cracked; rootkit - entrapment question?"
- Maybe reply: Dave Dittrich: "Re: Cracked; rootkit - entrapment question?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]