Re:[2] [cobalt-users] Unhack Script..?
- Subject: Re:[2] [cobalt-users] Unhack Script..?
- From: RaQ3 <cobalt@xxxxxxxxxxx>
- Date: Fri Feb 16 09:15:53 2001
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
elmer@xxxxxxxxxxxxxx wrote on 16.02.01 16:27:55:
>
>On Fri, 16 Feb 2001, Craig Napier wrote:
>
>} Where did you get that "unhack.pl" script you're talking about.. :-)
>
>I did not keep a list and for that I apologize. However, I worked a
>hacked server yesterday the hard way - manually comparing file to
>file, directory to directory against an unhacked box. The hacked
>server had not been online that long, fact is as I recall it was
>just restored from CD a few weeks earlier. Anyway, to make a long
>story short, unhack.pl doesn't catch everything. It does indeed
>catch most of it but not all of it.
>
> For example, the server I worked has a trojaned SSHD
>installed which was not included in the unhack.pl script I looked
>over after the clean up. Additionally it doesn't remove one of the
>hidden directories I found in which cracker stuff was being stored
>and there was some other stuff, including a running daemon that I'm
>still trying to figure out what it's for - unfortunately I didn't
>keep notes. I was just helping out a friend.
Hi Brent!
Why don't you put the things you found here, so everyone who
suspects a hack can have a look for it, if it is not too much trouble?
Thomas
--
InternAd.de
Internet Advertising
Thomas Prosi
tp@xxxxxxxxxxx
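
The file-by-file, directory-by-directory comparison against an unhacked box that the quoted message describes can be scripted. The sketch below is an added example, not part of the original thread and not the unhack.pl script; the function names and the two sample trees (a replaced `usr/sbin/sshd` and a hidden directory) are constructed for illustration.

```python
import hashlib
import os
import tempfile

def manifest(root):
    """Map each relative file path under root to the SHA-256 of its contents."""
    out = {}
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            full = os.path.join(dirpath, name)
            if os.path.islink(full) or not os.path.isfile(full):
                continue  # skip symlinks and special files
            with open(full, "rb") as fh:
                out[os.path.relpath(full, root)] = hashlib.sha256(fh.read()).hexdigest()
    return out

def compare(clean_root, suspect_root):
    """Return (changed, added, hidden_dirs) for the suspect tree vs. the clean one."""
    clean, suspect = manifest(clean_root), manifest(suspect_root)
    # Same path on both boxes, different contents (e.g. a replaced binary).
    changed = sorted(p for p in suspect if p in clean and suspect[p] != clean[p])
    # Files that exist only on the suspect box.
    added = sorted(p for p in suspect if p not in clean)
    # Dot-directories that exist only on the suspect box.
    hidden = set()
    for dirpath, dirnames, _ in os.walk(suspect_root):
        for d in dirnames:
            rel = os.path.relpath(os.path.join(dirpath, d), suspect_root)
            if d.startswith(".") and not os.path.isdir(os.path.join(clean_root, rel)):
                hidden.add(rel)
    return changed, added, sorted(hidden)

def demo():
    """Build two small constructed trees and compare them."""
    trees = {"clean": {"usr/sbin/sshd": b"original", "etc/motd": b"hi"},
             "suspect": {"usr/sbin/sshd": b"replaced", "etc/motd": b"hi",
                         "dev/.hidden/tool": b"x"}}
    with tempfile.TemporaryDirectory() as tmp:
        for box, tree in trees.items():
            for rel, data in tree.items():
                path = os.path.join(tmp, box, *rel.split("/"))
                os.makedirs(os.path.dirname(path), exist_ok=True)
                with open(path, "wb") as fh:
                    fh.write(data)
        return compare(os.path.join(tmp, "clean"), os.path.join(tmp, "suspect"))

if __name__ == "__main__":
    print(demo())
```

Run the comparison from a known-good system against the suspect disk mounted read-only; hashes computed on the compromised host itself can be falsified by whatever was installed there. It only reports differences in files on disk, so a running daemon still has to be checked separately.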