Re: /usr/sbin/sshd trojaned?
From: Tony (tony.wong@stanford.edu)Date: 03/08/02
- Next message: Richard E. Silverman: "Re: OpenSSH (all versions between 2.0 and 3.0.2) local root exploit"
- Previous message: Bombadil: "Re: openssh-3.1p1 will not compile on VA Linux 6.2.4 system"
- In reply to: iLiad: "Re: /usr/sbin/sshd trojaned?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Tony" <tony.wong@stanford.edu> Date: Fri, 8 Mar 2002 10:45:59 -0800
No its not a date it the size in bytes compared
"iLiad >" <brad_grandorff@hotmail.com<removeme> wrote in message
news:3c8839f2_5@news1...
> Maybe I am just tired, but....
> That doesn't appear like a date?
>
> If the SSH executable was modified, that would be really interesting.
> You mention you think the file was definetly trojaned. Are you stating
that
> SSH still works when connecting
> to the box?
> Finally, I see you are at standford. If it tryuly has been hacked, and
this
> is a University system, you should
> really look closer. Depending on the seriousness, it may be something
where
> CERT or a similar agency needs
> to get involved. Or at least have a look at the code.
>
>
>
>
> "Tony" <tony.wong@stanford.edu> wrote in message
> news:a66ias$b5c$1@usenet.Stanford.EDU...
> > My debian box was hacked. I cheked the size of sshd and it turned out
to
> be
> > the date that the box was hacked and the size is:
> >
> > 652065
> >
> > compared to my other boxes, sshd is only 232412
> >
> > I think this file was definitely trojaned. How can I find out what this
> > trojan does? Any help appreciated.
> >
> >
> >
>
>
- Next message: Richard E. Silverman: "Re: OpenSSH (all versions between 2.0 and 3.0.2) local root exploit"
- Previous message: Bombadil: "Re: openssh-3.1p1 will not compile on VA Linux 6.2.4 system"
- In reply to: iLiad: "Re: /usr/sbin/sshd trojaned?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
