
Re: [cobalt-users] Recent Hacks



On Fri, 9 Feb 2001, fastmedia wrote:
> 
> I have a number of these files present on my system, dated just short of 24
> hours ago.  particularly the rootkit.  i'm not sure how to get an MD5
> checksum.  can i just delete the rootkit?  it's definitely a rootkit?

md5sum /bin/login
2a2909971f22815c9c9440e97b1780ad  /bin/login

(etc...)

Based on the files included, yes...part of what a rootkit is used for is
to replace 'normal' system files with 'special' ones that do useful
things like giving out access to someone...deleting the kit only removes
the old already installed files, you need to put back clean system files
also, or you leave holes in place....note that the list below includes
'su', if your su has a hole in it you have a problem ;0

> 
> i'm changing passwords now

Always good to change passwords occasionally, but a bit pointless in this
case..
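
Added example (not part of the original message): one way to run the md5sum check above across a list of system files, comparing each against a baseline in md5sum output format. It assumes the baseline was taken from a known-clean source (install media or an identical clean machine); verify_baseline, demo and MD5SUM_BIN are hypothetical names, and MD5SUM_BIN lets you point at a trusted md5sum binary, since the installed one may itself have been replaced.

```shell
#!/bin/sh
# Added example, not from the thread. MD5SUM_BIN is a hypothetical override for
# a trusted md5sum binary (for instance one on read-only media).
MD5SUM_BIN="${MD5SUM_BIN:-md5sum}"

# verify_baseline BASELINE
# BASELINE holds md5sum-style lines: "<hash>  <path>".
# Prints "MODIFIED <path>" or "MISSING <path>" for each problem.
# Returns 0 if everything matches, 1 on any difference, 2 if BASELINE is unreadable.
verify_baseline() {
    baseline="$1"
    [ -r "$baseline" ] || { echo "cannot read baseline: $baseline" >&2; return 2; }
    status=0
    while read -r want path; do
        case "$want" in ''|'#'*) continue ;; esac   # skip blank and comment lines
        path="${path#\*}"                            # md5sum binary-mode marker
        if [ ! -f "$path" ]; then
            echo "MISSING $path"; status=1; continue
        fi
        have=$("$MD5SUM_BIN" "$path" | cut -d' ' -f1)
        if [ "$have" != "$want" ]; then
            echo "MODIFIED $path"; status=1
        fi
    done < "$baseline"
    return $status
}

# Constructed demo: stand-in "login" and "su" files in a temp dir, with "su"
# swapped after the baseline is recorded, the way a rootkit swaps the real one.
demo() {
    d=$(mktemp -d) || return 2
    printf 'clean login\n' > "$d/login"
    printf 'clean su\n' > "$d/su"
    "$MD5SUM_BIN" "$d/login" "$d/su" > "$d/baseline.md5"
    printf 'trojaned su\n' > "$d/su"
    rc=0
    verify_baseline "$d/baseline.md5" || rc=$?
    rm -rf "$d"
    return $rc
}
```

Any file reported as MODIFIED or MISSING is one that needs to be put back from clean media, per the reply above; a clean result only means as much as the baseline and the md5sum binary can be trusted.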