I'm working on a server that has been "owned" for over a year. Needless to say, there are a significant number of what I would call "questionable" files on the box. Some of them I can quickly identify, albeit not authoritatively at this point, (e.g. httpodbc.dll), but others I cannot. If I MD5 the collection of questionable files, is there a database I can cross-reference my MD5's against to authoritatively identify what these things are? I understand I may end up with some unknowns depending on how the executables were compressed and/or wrapped. Thanks, Mark ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sat Jan 18 2003 - 15:29:34 PST