Security Incidents mailing list archives
Re: nouser - rootkit ?
From: Jose Nazario <jose () biocserver BIOC cwru edu>
Date: Tue, 12 Mar 2002 16:54:55 -0500 (EST)
On Tue, 12 Mar 2002, Kyle R Maxwell wrote:
Obscure though it may be, a rootkit might have been written for IRIX either due to intentional targeting of a particular organization, or with the realization that IRIX deployments are typically fairly powerful installations, not your run-of-the-mill ISP (this includes folks like NASA, etc.) There have even been a few major websites that ran on IRIX for a good amount of time.
more common, for the hacker, are .edu installs of irix. lots of
researchers use irix. lots of those researchers are not so saavy with the
unix, even less so with the security end of it (not that irix is easy to
secure)
____________________________
jose nazario jose () cwru edu
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
Current thread:
- nouser - rootkit ? Dan Uscatu (Mar 10)
- Re: nouser - rootkit ? Eric Brandwine (Mar 11)
- Re: nouser - rootkit ? Ryan Russell (Mar 11)
- Re: nouser - rootkit ? Konrad Rieck (Mar 11)
- Re: nouser - rootkit ? Bruce Ediger (Mar 12)
- Re: nouser - rootkit ? Kyle R Maxwell (Mar 12)
- Re: nouser - rootkit ? Jose Nazario (Mar 12)
- Re: nouser - rootkit ? Eric Brandwine (Mar 12)
- Re: nouser - rootkit ? [:multiple root kit thread:] Dan Rohan (Mar 12)
- Re: nouser - rootkit ? Dave Dittrich (Mar 12)
- Re: nouser - rootkit ? Eric Brandwine (Mar 12)
- Re: nouser - rootkit ? Brian Hatch (Mar 12)
- Re: nouser - rootkit ? Eric Brandwine (Mar 11)
- <Possible follow-ups>
- Re: nouser - rootkit ? Bill_Royds (Mar 12)