|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: SecLists (lists
secure.stargate.net)Date: Wed Jun 06 2001 - 11:54:24 CDT
Hello all...
First time posting to the list here...
One of our customers who we do security services for when they are needed
recently had a Solaris 7 box compromised. There appears to be a rootkit
installed that opens an ssh daemon on port 27354 with a sshd_host_key.pub
of:
...rootNoraD
has anyone seen this before? or has any info on it? ie, what binaries have
been trojaned, what files have been replaced, etc.??
Thanks,
Shawn Duffy
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]