('binary' encoding is not supported, stored as-is) In-Reply-To: <20020218161308.A26890at_private> Hi. The fact that /etc/ld.so.preload is successfully opened reminds me of some machines cracked lately at our site. In the preload file there was a lib listed (libshow) that successfully hided itself as well as other files/processes/... Have a check with a bootable (recovery) CD on that system, what is loaded via the preload. Bye, Jens Hektor ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Feb 20 2002 - 15:08:58 PST