robin szemeti <[EMAIL PROTECTED]> writes: > On Friday 04 January 2002 16:47, Andy Williams wrote: > > MeDanHacKinG > > umm its not an 'it' thats doing the rounds . .its a 'they' .. as in a hacking > crew rather than an automated exploit .. > > if you were running linux on that machine you might like to check if you were > running lpd and had that port world readable .. from my brief survey of the > sites they've done recently they all seemed to have a public lpd daemon ...
out of date DNS and wu.ftpd are also a given. Worth portscanning any servers you own for weird open ports... -- David Hodgkinson, Wizard for Hire http://www.davehodgkinson.com Editor-in-chief, The Highway Star http://www.deep-purple.com Deep Purple Family Tree news http://www.slashrock.com Interim Technical Director, Web Architecture Consultant for hire
