On Wed, 13 Aug 2003 16:54, Carl Cerecke wrote: > This was forwarded to me. The guy works for a NZ company. > Names have been genericised [not deprec(i)ated] :-) > > Cheers, > Carl > <snip>
This has happened to one of my friends boxes. Mostly likely an insecure setup of something (ie: telnet, etc). If this happens to you chkrootkit will be your friend (as long as it's not compromised itself). It checks for various Linux rootkits, sniffers and worms in various key system programs. Other programs to guard against 'threats' include snort, tripwire and portsentry. Later Lee PS: a thing to watch for when using dyndns or similar: make sure your email server will not relay for everyone in the domain :-)
