[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Interface Promiscuous Mode and FTP Hacks

Subject: Re: [cobalt-users] Interface Promiscuous Mode and FTP Hacks
From: chris <chris@xxxxxxxxxxx>
Date: Sat Feb 17 02:58:24 2001
Organization: Zarcrom Industries Corporation
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Using ./chkrootkit on RaQ3 server:

i got checking lkm
you have 4 processes hidden for readdir command
you have 4 processes hidden for ps command
possible LKM Trojan

Checking again 30 minutes later gives
Checking `lkm'... Nothing detected

Using ./chkrootkit on another RaQ3 server:
Checking `bindshell'... INFECTED

Checking again 30 minutes later gives

Checking `bindshell'... Not vulnerable


How can i double check those informations?

chris

References:
- Re: [cobalt-users] Interface Promiscuous Mode and FTP Hacks
  - From: flash22

Prev by Date: [cobalt-users] CobaltRAQ4 - How can I find rpmlib to replace the error
Next by Date: Re: [cobalt-users] I figured out how to get the data out of those otherwise useless .raq files !!
Previous by thread: Re: [cobalt-users] Interface Promiscuous Mode and FTP Hacks
Next by thread: [cobalt-users] Unhack Script..?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index