'rooted' NT/2K boxen?

From: H C (keydet89@yahoo.com)
Date: 05/02/02


Date: Thu, 2 May 2002 10:31:04 -0700 (PDT)
From: H C <keydet89@yahoo.com>
To: incidents@securityfocus.com

Recently, there have been several messages posted to
this list about rooted Linux boxen. My question is
this...has anyone seen NT/2K boxen 'rooted', in the
sense that a Linux box is usually rooted...completely
taken over, trojaned binaries, backdoors, users
installed, rootkit(s), tools copied over?

If so, what, if any, info would you be willing to
share about the system?

I'm trying to get an idea of how prevalant this sort
of thing is, and also to see what's being done, so as
to not only better protect my systems, but to assist
me in building a better incident response methodology.

Thanks.

__________________________________________________
Do You Yahoo!?
Yahoo! Health - your guide to health and wellness
http://health.yahoo.com

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com