More then aware of it... one of my clients (who became a client because of this actually), had there MS FTP box rooted, and that was installed on there. If you have found the dameware, also look for mirc, and a FTP server. The server you found it on was probably joined to a bot net. Nick ----- Original Message ----- From: "John" <johnccostaat_private> To: <incidentsat_private> Sent: Wednesday, June 04, 2003 11:31 AM Subject: Dameware Malcode? Is anyone aware of it? Is anyone aware of the existence of Dameware malcode that makes use of Damaware mini-remote control to provide an attacker with backdoor access to systems? Thanks John ---------------------------------------------------------------------------- ---------------------------------------------------------------------------- ---------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Fri Jun 06 2003 - 08:41:32 PDT