Security Incidents mailing list archives
Re: Tools to analyze...:SUMMARY and trojaned file attached
From: achuvaki () IC SUNYSB EDU (Anton Chuvakin)
Date: Fri, 21 Apr 2000 16:26:47 -0400
Hi there!

This message is to summarize all of the responses I got and to send one of the files (in.fingerd, ELF 32-bit LSB executable, Intel 80386, unstripped) as I was asked. I am not that big in x86 assembly so I am still not sure what "evil stuff" it is supposed to perform.

SUMMARY of tools (order of usage)

0. file
1. strings, grep
2. gdb, memprof, strace, ltrace, nm, ldd
3. objdump, reqt (uses several other tools like nasm, readelf, objdump)
4. lsof, packet sniffer

Attached is the finger daemon that attackers deployed.

Regards,
--
Anton A. Chuvakin
Where is a will there is a way. <<
http://www.chuvakin.org licq: 29034084

APPLICATION/OCTET-STREAM attachment: stored
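Steps 0 and 1 of the summary above (file, then strings and grep) can be carried out without executing the sample. The sketch below is an added example, not part of the original message or its attachment; the review patterns and the sample bytes are constructed assumptions.

```python
import re
import struct

# Subset of e_type / e_machine values from the ELF specification.
TYPES = {1: "relocatable", 2: "executable", 3: "shared object"}
MACHINES = {3: "Intel 80386", 62: "x86-64"}

# Assumed review patterns: an inetd-launched daemon such as in.fingerd is handed
# its socket on stdin/stdout, so its own listener calls or a shell path merit a look.
PATTERNS = {
    "shell path": re.compile(r"/bin/(ba|c|k|tc)?sh$"),
    "listener call": re.compile(r"^(bind|listen|accept)$"),
}

def identify(data):
    """Step 0 (file): describe an ELF image from its header without running it."""
    if len(data) < 20 or data[:4] != b"\x7fELF":
        return "not ELF"
    bits = {1: "32-bit", 2: "64-bit"}.get(data[4], "unknown class")
    order = {1: "LSB", 2: "MSB"}.get(data[5], "unknown byte order")
    e_type, e_machine = struct.unpack_from("<HH" if data[5] == 1 else ">HH", data, 16)
    return "ELF %s %s %s, %s" % (bits, order, TYPES.get(e_type, "type %d" % e_type),
                                 MACHINES.get(e_machine, "machine %d" % e_machine))

def strings(data, min_len=4):
    """Step 1 (strings): runs of printable ASCII at least min_len bytes long."""
    return [m.group().decode("ascii")
            for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, data)]

def triage(data):
    """Step 1 (grep): return the file description and (label, string) hits."""
    hits = [(label, s) for s in strings(data)
            for label, rx in PATTERNS.items() if rx.search(s)]
    return identify(data), hits

def sample():
    """Constructed input: 32-bit i386 ELF header followed by made-up strings."""
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)
    header = ident + struct.pack("<HHI", 2, 3, 1) + bytes(28)
    names = [b"/usr/bin/finger", b"bind", b"listen", b"/bin/sh", b"\x01\x02"]
    return header + b"\0" + b"\0".join(names)

if __name__ == "__main__":
    description, hits = triage(sample())
    print(description)
    for label, s in hits:
        print("%-16s %s" % (label, s))
```

A hit is a pointer for the later steps (nm, objdump, strace in an isolated environment), not a verdict on the binary.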