Re: trojaned SSHD ?
From: Dr. Ernst-Udo Wallenborn (euw@mail.deuba.com)Date: 09/21/01
- Previous message: Konrad Rieck: "Re: trojaned SSHD ?"
- In reply to: Karthik Krishnamurthy: "trojaned SSHD ?"
- Next in thread: Casper ***: "Re: trojaned SSHD ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 21 Sep 2001 10:31:42 +0200 (CEST) From: "Dr. Ernst-Udo Wallenborn" <euw@mail.deuba.com> To: <FOCUS-SUN@securityfocus.com> Subject: Re: trojaned SSHD ? Message-ID: <Pine.LNX.4.31.0109211028470.8655-100000@euw.gefm.eur.deuba.com>
On Fri, 21 Sep 2001, Karthik Krishnamurthy wrote:
>Hullo list,
>Saw this recently on a SunOS 2.6 running sshd version
>1.2.26 [sparc-sun-solaris2.6]
[snip]
> Looks very suspicious. Anybody else seen something like this ?
As far as i know this is not a trojan. ssh1 used the outputs of netstat
and ls -alni as seed for the random number generator. I have an old
computer here which still has 1.2.26 on ist, and strings sshd here
has the same result as yours.
- Previous message: Konrad Rieck: "Re: trojaned SSHD ?"
- In reply to: Karthik Krishnamurthy: "trojaned SSHD ?"
- Next in thread: Casper ***: "Re: trojaned SSHD ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
