Sebastian Willing wrote:
Hi! Maybe, you should scan your /etc/passwd for a user called "Malk" and/or "Malk2"> which has uid:gid 0:0 but no password!
It came along with a new directory inside /dev which > > >contained some tools to hack the system, hide tasks/files in >ps/ls and some more! Also /etc usaully hidden from the modified ls. Likes to use "blah" as
You could also a run a diff-routine every hour or so.( Which is what I am doing since he`s been. Also check the end of inetd.conf. dirname. Maybe he`s a robot.
bye, Sebastian bye for now. dan
----------------------------------------------------------- ~ WEBDIREKT INTERNET SERVICE GMBH ~ ~ the e-business intelligence company ~ ----------------------------------------------------------- ~ Dieselstr. 5 Fon: (+49) 6173 / 9359-88 ~ ~ D-61476 Kronberg Fax: (+49) 6173 / 9359-59 ~ ~ http://www.webdirekt.de mailto:sysop@webdirekt.de ~ -----------------------------------------------------------
participants (1)
-
Webdirekt Sysop