Security Incidents mailing list archives
Re: 'rooted' NT/2K boxen?
From: "William N. Zanatta" <william () veritel com br>
Date: Thu, 02 May 2002 17:57:23 -0300
Search Google... two things in a first overview of the results... http://www.crackinguniversity2000.it/Paper/__==__--%20rootkit%20--__==__.htm http://builder.cnet.com/webbuilding/0-7532-8-4877567-1.html?tag=st.sw.3923222.bhed.7284-8-4877567-1 personally I don't see a need for it as Windows is a rootkit itself. for you, the 2nd link should be more interesting... William Zanatta H C wrote:
Recently, there have been several messages posted to this list about rooted Linux boxen. My question is this...has anyone seen NT/2K boxen 'rooted', in the sense that a Linux box is usually rooted...completely taken over, trojaned binaries, backdoors, users installed, rootkit(s), tools copied over? If so, what, if any, info would you be willing to share about the system? I'm trying to get an idea of how prevalant this sort of thing is, and also to see what's being done, so as to not only better protect my systems, but to assist me in building a better incident response methodology. Thanks.
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service.For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- 'rooted' NT/2K boxen? H C (May 02)
- Re: 'rooted' NT/2K boxen? William N. Zanatta (May 02)
- <Possible follow-ups>
- Re: 'rooted' NT/2K boxen? zeno (May 02)
- Re: 'rooted' NT/2K boxen? H C (May 02)
- Re: 'rooted' NT/2K boxen? Cody Hatch (May 02)
- Re: 'rooted' NT/2K boxen? H C (May 02)
- Re: 'rooted' NT/2K boxen? KJK::Hyperion (May 06)
- Re: 'rooted' NT/2K boxen? H C (May 02)
- Re: 'rooted' NT/2K boxen? Cody Hatch (May 02)
- Re: 'rooted' NT/2K boxen? H C (May 03)