[rlug] Re: in.amdq

Ciprian Niculescu Wed, 06 Sep 2000 03:37:54 -0700
am facut asa, am curatat , dar tot nu am incredere acum in masina aia

C

Emilian URSU wrote:

> mai intai vezi pe ce port ruleaza:
> bash$> grep amd /etc/services
> incearca apoi sa te conectezi la portul respectiv
> si apoi vezi ce foloseste:
> bash$> lsof -c amd
> analizeaza raspunsurile
>
> :si eu am avut exact asa pe o masina, face un shell (de root) pe un port, am sters
> :/dev/sd... , dar tre, cel mai bine reinstalata masina, la mine cel putin era si un
> :script care facea curatenie in loguri, la tine???? daca ai ceva info prin ele , le
> :vreau si eu
> :
> :C
> :
> :Raz van Radu wrote:
> :
> :> On Tue, 5 Sep 2000, Stefan Laudat wrote:
> :>
> :> > > ce dreaku' e asta, subj ?
> :> > > arata a sniffer:
> :> >
> :> > mie imi arata a sshd =-D
> :> >
> :> > >   -f file    Configuration file (default /dev/sdc0/.nis01/sshd_config)
> :> > >   -d         Debugging mode
> :> > >   -i         Started from inetd
> :> > >   -q         Quiet (no logging)
> :> > >   -p port    Listen on the specified port (default: 22)
> :> > >   -k seconds Regenerate server key every this many seconds (default: 3600)
> :> > >   -g seconds Grace period for authentication (default: 300)
> :> > >   -b bits    Size of server RSA key (default: 768 bits)
> :> > >   -h file    File from which to read host key
> :> > > (default: /dev/sdc0/.nis01/ssh_host_key)
> :> > >   -V str     Remote version string already read from the socket
> :> > >
> :> > > a si, ce sunt aceste /dev/sdc
> :> > >
> :> > locul pe unde spargatorul masinii tale a ascuns restul de fisiere probabil.
> :> > mare minune ca sshd asta sa nu fie backdoored ;)
> :>
> :> adica snifferit, sau ce inseamna ?
> :>
> :> fii atent ce are /dev/sdc0/.nis01/sshd_config
> :>
> :> HostKey /dev/sdc0/.nis01/shk
> :> RandomSeed /dev/sdc0/.nis01/srs
> :>
> :> misto nu ?
> :> sunt distrus, cre' ca e sniffer pe ssh
> :> >
> :> >
> :>
> :> ---
> :> Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
> :> unsubscribe from this list.
> :
> :
> :---
> :Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
> :unsubscribe from this list.
> :
>
> ---
> Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to
> unsubscribe from this list.


---
Send e-mail to '[EMAIL PROTECTED]' with 'unsubscribe rlug' to 
unsubscribe from this list.
[rlug] Re: in.amdq

Raspunde prin e-mail lui
