I have reason to believe that I am a victim of a root kit and have false copies of the following binaries:
w ps ls I have since thrown up a few ipchains rules as a temporary stop gap, but would like to further investigate the perpetrator's kit before I format and restore. Without having good copies of these files, finding where on my file system he dropped off his kit is like looking for a needle in a hay stack. I'm looking to get known good copies of these binaries, could anyone lend a hand and get me good copies? (I'm on a RaQ4, BTW) Many thanks in advance, -Mike _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
