Security Basics mailing list archives
RE: ASPXSPY
From: "Jared C. Henry" <jared.henry () heartlandsig com>
Date: Fri, 3 Oct 2008 08:09:02 -0500
I know. The developers are the ones keeping us from going forward. They state they don't have time for the migration and do not understand the problems behind keeping the 2000 box. Everyone seems to be clueless all the way up the chain. Thank you for your reply. Jared -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Reza Ambler Sent: Thursday, October 02, 2008 11:47 AM Cc: security-basics () securityfocus com Subject: Re: ASPXSPY Jared, I think your best bet is going to be getting off Windows 2000 ASAP. If you can't afford to go to Windows 2003 or 2008 then you can use MONO for your ASP run time on a linux variant. ----- "Jared C. Henry" <jared.henry () heartlandsig com> wrote:
Hey Everyone, I had a quick question. I was looking at one of my servers awhile ago and discovered an aspx file called "kk.aspx". After looking at the code it was quickly determined that it was a rootkit. After launching the page from the web and discovering it's capabilities I started to get sick at my stomach. Has anyone had any type of experience with this? I deleted the files. The server is running server 2000. Is there any type of recent exploits that would allow this that you know of? Thanks, Jared
Current thread:
- ASPXSPY Jared C. Henry (Oct 02)
- Re: ASPXSPY Reza Ambler (Oct 02)
- RE: ASPXSPY Jared C. Henry (Oct 03)
- Re: ASPXSPY Artyom El Sandro (Oct 06)
- RE: ASPXSPY Jared C. Henry (Oct 03)
- Re: ASPXSPY Adriel Desautels (Oct 06)
- Re: ASPXSPY Reza Ambler (Oct 02)