[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: I've been hacked by DevilSoul

On Thu, Jan 10, 2002 at 08:31:00PM -0800, Alvin Oga wrote:

> - if you think they used a simple/ordinary rootkits... you can 
>   try some of the rootkit detectors
> 	http://www.chkrootkit.org/

Great tool....

Got : 

Searching for t0rn's default files and dirs... Possible t0rn rootkit installed
Searching for t0rn's v8 defaults... nothing found

ALL The rest of the log is clean....

A RootKit was installed, only the sniffer was used...

Any idea of what the «default files and dirs» are ?

         Tks,         Jacques


            0CBE 3F8A 5A77 A35C 27C7  2D42 3EC5 806B 9178 088D

Attachment: pgpe9K4dFkQvS.pgp
Description: PGP signature

Reply to: