[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Strange Apache log and mambo security - sexy executable



Oops...didn't trim enough of the response and curiosity made me research
this.

According to the sophos site:

--cut--
Linux/Rst-B will attempt to infect all ELF executables in the current
working directory and the directory /bin

If Linux/Rst-B is executed by a privileged user then it may attempt to
create a backdoor on the system. This is achieved by opening a socket
and listening for a particular packet containing details about the
origin of the attacker and the command the attacker would like to
execute on the system.

--end--



I'd reinstall since you ran this executable on your system as root.  Who
knows what the full extent of the damaged caused is...

Attachment: signature.asc
Description: Digital signature


Reply to: