|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: ingreslock message
From: Jens Hektor (hektor
RZ.RWTH-AACHEN.DE)Date: Mon Mar 13 2000 - 11:36:39 CST
- Next message: Paul Rice: "Re: lots of interest in port 109 (POP2)"
- Previous message: GALES,SIMON (Non-A-ColSprings,ex1): "Re: DUP packet replies at tvguide.com"
- Maybe reply: Jens Hektor: "Re: ingreslock message"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi,
"Ex Machina [xm]" wrote:
>
> I've seen this recently as the default command in in the adm-bind_exp.c
> (ADM named 8.2/8.2.1 NXT
> remote overflow). It simply started another inetd using a config in
> /tmp/bob which was immediately deleted afterwards.
this is was we see *very* often, becuse itīs simpler, a compiled-in
backdoor is less frequent.
Bye, Jens
-- Jens Hektor, RWTH Aachen, Rechenzentrum, Seffenter Weg 23, 52074 Aachen Computing Center Technical University Aachen, firewalls/network security mailto:hektor
- Next message: Paul Rice: "Re: lots of interest in port 109 (POP2)"
- Previous message: GALES,SIMON (Non-A-ColSprings,ex1): "Re: DUP packet replies at tvguide.com"
- Maybe reply: Jens Hektor: "Re: ingreslock message"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]