|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Talisker (Talisker
NETWORKINTRUSION.CO.UK)Date: Mon Mar 26 2001 - 14:18:43 CST
<moderator - feel free to delete anything you don't like>
Nelson Murilo has once again updated chkrootkit to v3, this time to detect
lion
http://www.chkrootkit.org
<snip>
The following rootkits and worms are currently detected:
lrk3, lrk4, lrk5, lrk6 (and some variants);
Solaris rootkit;
FreeBSD rootkit;
t0rn (including latest variant);
Ambient's Rootkit for Linux (ARK);
Ramen Worm;
rh[67]-shaper;
RSHA;
Romanian rootkit;
RK17;
Lion Worm.
New tests:
basename, dirname, traceroute, rpcinfo, rexedcs, date, echo, env, timed,
identd, pop2, pop3, write, tar, mail, biff, grep.
RK17 detection;
Lion Worm detection.
</snip>
a bit about lion http://www.sans.org/y2k/lion.htm
Thanks Nelson!
Andy
http://www.networkintrusion.co.uk
Talisker's Network Security Tools List
Security Tools Notification
http://groups.yahoo.com/group/security-tools/join
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]