unknown rootkit found in the wild

From: Jerome (jethroat_private)
Date: Mon Apr 07 2003 - 11:40:07 PDT


    Hi,
    
    I found a rootkit on a compromised machine, and I have not been able to identify it, though I knew of some of its components.
    
    This rootkit is named evilkit rootkit, and I did a short analysis of it that you can find here:
    http://www.ebat.org/~jethro/evilkit.txt or here http://www.securitynerds.org/html/forensics/forensic-papers.html
    
    I've not been able to identify all components, so it's up to the ones willing to do it to finish the job.
    
    Cheers.
    
    -- 
    Jerome
    [pgp keyid : 33D7802F http://pgp.mit.edu]
    [key fingerprint : 82E6 C9C8 05D1 BEAC 9353  8ECB CEAF 6A0A 33D7 802F]
    
    



    This archive was generated by hypermail 2b30 : Mon Apr 07 2003 - 15:47:38 PDT