|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Martin Ostlund (mo
ares.sot.com)Date: Wed Aug 01 2001 - 12:16:30 CDT
On Wed, 1 Aug 2001, Nick Lange wrote:
> The machine was a redhat install but patched up from all relevant security
> advisories (or so I thought, the only one I can see is maybe xinetd)...
Hi. One can never be secured enough:)
> anyone seen anything? a quick search for /sbin/a.out reveals nothing
> it may have been datapipe.c but I doubt that as well, as it's simply a port
> forwarder [for auth port]
> nick
Have you tried strings /sbin/a.out ? strings will print out
all readable text from a binary, also check which date and time it was
created, and if something shows up in messages/syslog around that
date and time. Try to check for backdoors, netstat -atn | grep LIST
-martin
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]