Recently, there have been several messages posted to the Incidents list about rooted Linux boxen. My question is this...has anyone seen NT/2K boxen 'rooted', in the sense that a Linux box is usually rooted...completely taken over, trojaned binaries, backdoors, users installed, rootkit(s), tools copied over?
If so, what, if any, info would you be willing to share about the system? I'm trying to get an idea of how prevalant this sort of thing is, and also to see what's being done, so as to not only better protect my systems, but to assist me in building a better incident response methodology. Thanks. __________________________________________________ Do You Yahoo!? Yahoo! Health - your guide to health and wellness http://health.yahoo.com
