|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
unknown rootkit found in the wild
From: Jerome (jethro
docisland.org)
Date: Mon Apr 07 2003 - 13:40:07 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi,
I found a rootkit on a compromised machine, and I have not been able to identify it, tho I knew of some of its components.
This rootkit is named evilkit rootkit, and I did a short analysis of it that you can find here:
http://www.ebat.org/~jethro/evilkit.txt or here http://www.securitynerds.org/html/forensics/forensic-papers.html
I ve not been able to identify all components so it's up to the ones willing to do it to finish the job.
Cheers.
--
Jerome
[pgp keyid : 33D7802F http://pgp.mit.edu]
[key fingerprint : 82E6 C9C8 05D1 BEAC 9353 8ECB CEAF 6A0A 33D7 802F]
<b>
----------------------------------------------------------------------------
Is SPAM over-loading your e-mail server, disk space or bandwidth?
SurfControl E-Mail Filter is flexible, intelligent and policy-driven
protection.
http://www.securityfocus.com/SurfControl-incidents2
Download your free fully functional
trial, complete with 30-days of free technical support.
Stop SPAM before it stops you.
----------------------------------------------------------------------------
</b>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]