'rooted' NT/2K boxen?

From: H C (keydet89at_private)
Date: Thu May 02 2002 - 10:31:04 PDT

  • Next message: Will Aoki: "Re: ssh scans using username 'test' or 'oracle'?"

    Recently, there have been several messages posted to
    this list about rooted Linux boxen.  My question is
    this...has anyone seen NT/2K boxen 'rooted', in the
    sense that a Linux box is usually rooted...completely
    taken over, trojaned binaries, backdoors, users
    installed, rootkit(s), tools copied over?
    If so, what, if any, info would you be willing to
    share about the system?
    I'm trying to get an idea of how prevalant this sort
    of thing is, and also to see what's being done, so as
    to not only better protect my systems, but to assist
    me in building a better incident response methodology.
    Do You Yahoo!?
    Yahoo! Health - your guide to health and wellness
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com

    This archive was generated by hypermail 2b30 : Thu May 02 2002 - 13:14:39 PDT