Here's some information which was relayed to me in addition to the kind
comments below:
http://xforce.iss.net/alerts/advise71.php
Btw, as I am reminded, this site exec exploit has been available since 1994, so
I'm wondering when we all will eliminate the software from our machines which
are both a necessity and an open door.
Scott Walker wrote:
> also have you patched your box.....
>
> I notice in your sig you say Sr Security & Network admin.....
>
> I think this knowledge was pretty common.. especially for a senior security
> person...
>
> pgeorges <[EMAIL PROTECTED]> on 2001-01-23 02:05:17 PM
>
> Please respond to [EMAIL PROTECTED]
>
> To: [EMAIL PROTECTED]
> cc: (bcc: Scott Walker/MTL/BAM/ActiMedia)
>
> Subject: Re: [expert] cert#37843 Just Hacked - Hidden Directory!
>
> ------------------------------------------------------------------------
>
> "Albert E. Whale" a écrit :
>
> > I am curious exactly how do you create a dot directory (i.e. .puta) so
> > that it is invisible to the ls -la command?
>
> > Additionally, how do you run a process and eliminate it from the process
> > table?
>
> With a root kit that changes your commands in order not to display some
> processes and files used for the crack.
>
> .
--
Albert E. Whale - http://www.abs-comptech.com/aewhale.html
----------------------------------------------------------------------
ABS Computer Technology, Inc. - Computer & Networking Specialists
Sr. Network, Security and Systems Consultant
HP Networking & Openview, Royalty Class Consultant - http://forums.itrc.hp.com
The Father's Rights Network - http://www.abs-comptech.com/frn/frnhome.html
The Pennsylvania Parenthood Initiative - PAPI - Children need BOTH Parents
- http://www.geocities.com/Heartland/4688/papi.htm
