Re: ftp warez server snake ?
From: M. Shirk (shirkdog_list_at_hotmail.com)
Date: 12/08/04
- Previous message: Andreas Putzo: "Re: ftp warez server snake ?"
- In reply to: Peter Moody: "Re: ftp warez server snake ?"
- Next in thread: H Carvey: "Re: ftp warez server snake ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: incidents@securityfocus.com Date: Wed, 08 Dec 2004 12:21:53 -0500
Here is a link to look at the plugins and get around the new site:
http://cgi.nessus.org/plugins/
Shirkdog
http://www.shirkdog.us
>From: Peter Moody <peter@ucsc.edu>
>To: Andreas Putzo <andreas@inferno.nadir.org>
>CC: incidents@securityfocus.com
>Subject: Re: ftp warez server snake ?
>Date: Tue, 07 Dec 2004 14:17:29 -0800
>
>
> > There is also an auth server listening, providing me this:
> >
> > # nc 194.xx.x.xxx 113
> >
> > : USERID : UNIX : ekwaxtjm
>
>Auth server returning garbage date = Compromise, especially when not
>prodded. I'd provide you with the nessus plugin that explains this but
>it looks like tennable has destroyed what used to be a useful nessus.org
>website.
>
>Short answer, the machine is owned and should be format/reinstall
>treatment.
>
>Regards,
>-Peter
>--
>Peter Moody <peter@ucsc.edu>
>Information Security Administrator 831/459.5409
>Information and Technology Services UC Santa Cruz
>http://security.ucsc.edu/pgp/peter.moody.pub AS5739
>:wq
><< signature.asc >>
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today - it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
- Previous message: Andreas Putzo: "Re: ftp warez server snake ?"
- In reply to: Peter Moody: "Re: ftp warez server snake ?"
- Next in thread: H Carvey: "Re: ftp warez server snake ?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
