Re: cracked? "rm uses obsolete (PF_INET,SOCK_PACKET)"
Quoting Fuska (fuska@phreaker.net):
> No, that isn't normal. It seems that you have been infected whith the rstb
> virus. It infects all executable files under /bin/ directory and under the
> directory from which the infected file has been launched. Seach for
> rstb_cleaner, whith this tool you can clean the infected files.
Ah, a local ELF-header infector. How quaint! Haven't seen those in a
dog's age.
> Most of 7350* fake 0days are infected with some kind of virus. Maybe
> a user uploaded and executed an infected exploit.
Executed with root-user authority, if the process modified /bin/*, yes?
--
Cheers, First they came for the verbs, and I said nothing, for
Rick Moen verbing weirds language. Then, they arrival for the nouns
rick@linuxmafia.com and I speech nothing, for I no verbs. - Peter Ellis
Reply to: