Hi. Jean Christophe ANDRÃ0/00 wrote:
But may be the main point is: is it really possible to have multiple instance of the .bugtraq program?!? If so, all of them would join the network and should receive the mail-sleep-kill command!
I've seen two processes running on an infected server. But when thinking about it, this most probably was a forked part. Which would die as soon as the parent is killed. So the version you proposed, kill $ppid, should be safe.
Bye, Mike