brute force ssh attack
Daniel Kirsten
Daniel.Kirsten at gmx.net
Wed Apr 27 15:14:51 UTC 2005
>Daniel -- did you happen to run any of the commands in the compromised user
>account as root?
Yesterday, I examined the directory ~daikanyama/.undernet and probably I
executed mech as root. The file mech is indeed infected by Linux/Rst-B.
This explains everything.......
Does anyone know whether .undernet/mech has another purpose than
distributing the Linux/Rst-B virus???
--
+++ Sparen beginnt mit GMX DSL: http://www.gmx.net/de/go/dsl
More information about the fedora-list
mailing list