hi, > ok, i found it: > > http://rr.sans.org/malicious/ramen3.php > > maybe you keep an eye of your system. > it installed a backdoor on port 2000. > > it installed several things: > > /tmp/xp > /tmp/l
Have you set up a seperate partition for /tmp? Because it's a good security practice to mount /tmp with the option "noexec". Always a good read for x-mas vacation: The Gentoo Security Guide :) http://www.gentoo.org/doc/en/gentoo-security.xml -daniel ---------------------------------------------- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
