[linux] prave ma hackli

Bohdan Spes spes na pobox.sk
Pátek Prosinec 14 16:13:02 CET 2001


Na disku som nasiel tento rootkit:
drwxr-xr-x 46872/339         0 1996-01-11 10:07:07 z/
-rwxr-xr-x 46872/339      7165 2000-09-16 01:53:56 z/asus
-rw-r--r-- 46872/339         0 2001-04-25 04:58:46 z/chipsul
-rwxr-xr-x 46872/339      2443 2001-06-04 18:07:34 z/cleaner
-rwxr-xr-x 46872/339       660 2000-12-11 22:52:01 z/ftpaccess
-rwxr-xr-x 46872/339     19840 1998-11-25 20:51:31 z/ifconfig
-rwxr-xr-x 46872/339     27055 2000-09-15 22:14:58 z/in.rexedcs
-rwxr-xr-x 46872/339    201020 2001-08-30 06:39:04 z/initdl
-rwx------ 46872/339     10487 1996-01-11 10:06:17 z/install
-rwxr-xr-x 46872/339     35300 2000-09-15 23:47:31 z/netstat
-rw-r--r-- root/root    250398 2001-09-16 01:55:27 z/news.tar
-rwxr-xr-x 46872/339     33280 2000-09-16 23:37:15 z/ps
-rwxr-xr-x 46872/339     22173 2000-12-09 01:44:26 z/s
-rw-r--r-- 46872/339     28234 2000-12-09 01:47:48 z/scan.tar.gz
-rwxr-xr-x 46872/339      4060 1999-03-05 15:59:04 z/see
-rwx------ 46872/339        63 2000-09-16 04:20:52 z/seekill
-rwx------ 46872/339       112 2001-08-30 06:38:21 z/sourcemask
-rw-r--r-- 46872/339    375620 2001-04-23 16:03:34 z/ssh.tar.gz
-rwx--x--x 46872/339      8268 1999-10-16 15:13:26 z/synk
-rwxr-xr-x 46872/339    267360 2000-07-01 00:15:45 z/syslogd
-rwxr-xr-x 46872/339     14224 2000-09-16 01:23:11 z/tcpd
-rwxr-xr-x 46872/339     53588 2000-09-16 23:37:26 z/top
-rwxr-xr-x 46872/339     37711 2000-12-09 01:44:39 z/w

Treba preinstalovat masinu ale ta je vo viedni a som z toho roiadne 
znechuteny.

Nepoznate tento rootkit, neviete ci sa da odstranit aj bez preinstalovania ?

Bohdan




Další informace o konferenci linux