If it's a JAR, it won't be human readable, but we might be able to look at the files (it's a ZIP of Java object code), and get a list of targetted servers.
Then we just disable IBR on the affected servers, or block them. On Sep 16, 2012 12:33 AM, "Peter Viskup" <[email protected]> wrote: > Dear all, > would there be anybody willing to help understand use of HACKER.JAR and > probably other files downloadable from http://dirbas.xtgem.com? > It's some syrian page. Unfortunately I am not well experienced in Java. > Here is the translation link: > http://translate.google.com/**translate?sl=auto&tl=en&js=n&** > prev=_t&hl=en&ie=UTF-8&layout=**2&eotf=1&u=http%3A%2F%**2Fdirbas.xtgem.com<http://translate.google.com/translate?sl=auto&tl=en&js=n&prev=_t&hl=en&ie=UTF-8&layout=2&eotf=1&u=http%3A%2F%2Fdirbas.xtgem.com> > > There is also another page http://al-slam.iftopic.com with post "Strong > program is detachable provider with more than 250 server to register > E-mails" - E-mails are JIDs in this case. > Here is the translation link: > http://translate.google.com/**translate?hl=en&sl=auto&tl=en&** > u=http%3A%2F%2Fal-slam.**iftopic.com%2F<http://translate.google.com/translate?hl=en&sl=auto&tl=en&u=http%3A%2F%2Fal-slam.iftopic.com%2F> > > This could help us understand and solve the situation with the MUC floods > probably. > > Thank you. > > -- > Peter >
