|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Hack attempt
From: John (3v1l.hax0r
gmail.com)
Date: Fri Jul 23 2004 - 17:17:08 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hi,
This is a "root kit" downloaded to wipe the logs, set up IRC server,
replace BIND, etc.
psybnc is described here:
http://216.239.39.104/translate_c?hl=en&u=http://www.netknowledgebase.com/tutorials/psybnc.html&prev=/search%3Fq%3Dc-leet.dir%26hl%3Den%26lr%3D%26ie%3DUTF-8%26sa%3DG
You should wipe the machine and reinstall. Then keep PHP, Apache,
Linux patches up to date. Try to run apache as an account that can't
run wget and other system utilities.
Maybe run the Bastille scripts. Here is one description of them:
http://www.sans.org/rr/papers/32/195.pdf
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]