[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: bindshell chkrootkit warning

Il giorno 13/gen/2010, alle ore 20.05, alessio ha scritto:

> statd     2937  0.0  0.5   1952   712 ?        Ss   16:14   0:00 /sbin/rpc.statd

non so' come te la cavi con l'inglese, ma questa definizione calza bene:

Definition: statd (rpc.statd, NFS status daemon): The rpc.statd service is a relatively obscure subsystem of the NFS protocol used primarily on UNIX. It is used so that if an NFS server crashes and comes back alive, it can notify clients that this event happened. Many important vulnerabilities have been found in rpc.statd. This means that while it is not so important to system administrators, it is very important to hackers. History: In 1998, Solaris systems across the Internet were broken into via rpc.statd due to a buffer overflow vulnerability (see Solar Sunrise). In 2000, Linux systems throughout the Internet were broken into via a format string vulnerability. From Hacking-Lexicon

Mauro Morichi
Nonsolocomputer s.r.l.

Reply to: