Re: Security Experts, help, what is this (bad stuff)?

From: Michael Heiming (michael+USENET_at_www.heiming.de)
Date: 04/30/05


Date: Sat, 30 Apr 2005 07:05:44 +0200

In comp.os.linux.security Ohmster <notareal@emailaddress.com>:
> I have been having what I thought was a formmail exploit on my machine.
> know that when I have these spam attacks, I have an unknown process
[..]

> terrible stuff please, some kind of Trojan I think. I tarred it up and
> put it on my outsourced server at newsguy for somebody to analyze:

> http://www.cinmiester.com/temp/BadStuff.tgz

[..]

> 11/15/2004 10:15 AM 19,242 r0nin

PsychoPhobia Backdoor is starting...

Looks like what it says, just another backdoor to your system.
You are still running this EOL distro (RH 9) directly connected
to the internet, while it seems obvious, from your contribution
to cms, that you are missing the skills to update/secure the
system.

You should disconnect it from the internet NOW and set up a recent
distro, install all patches, close down anything unneeded and fire
up iptables to deny anything. You shouldn't wonder if your ISP
shuts down your account for good reasons, if your system is
abused to annoy others on the internet with spam and the like.

[..]

-- 
Michael Heiming (X-PGP-Sig > GPG-Key ID: EDD27B94)
mail: echo zvpunry@urvzvat.qr | perl -pe 'y/a-z/n-za-m/'
#bofh excuse 450: Terrorists crashed an airplane into the
server room, have to remove /bin/laden. (rm -rf /bin/laden)

