RE: SSH compiled with backdoor

From: Chain, David (NA ITRC Team Lead) (david.chain_at_hp.com)
Date: 09/02/05

  • Next message: Joshua Hamor: "Re: Cisco vulnerability scanning increase"
    Date: Fri, 2 Sep 2005 13:33:39 -0700
    To: <james@securityfocus.com>, <incidents@securityfocus.com>
    
    

    VI is much better than PICO.. But chances are, if he is looking to do
    something harmful, it will be embedded deeper then in the java
    libraries.

    David.

    -----Original Message-----
    From: james@securityfocus.com [mailto:james@securityfocus.com]
    Sent: Friday, September 02, 2005 1:05 AM
    To: incidents@securityfocus.com
    Subject: Re: SSH compiled with backdoor

    it's quite interesting. Although i can't find any reason for these
    commands.

    mkdir /lib/java
    cp /usr/sbin/sshd a
    mv a /lib/java

    It might be that he wants to come back and do something with it.
    Anyone?

    (btw, why not delete pico from your system and intall vi(m)... he might
    get pissed and leave. )

    cheers.


  • Next message: Joshua Hamor: "Re: Cisco vulnerability scanning increase"