Windows 2k rootkit incident, files zipped for your pleasure.

From: Drew Weaver (drewat_private)
Date: Thu Jun 12 2003 - 08:57:23 PDT

        Hi, with the help of Karl Levinson I was able to detect the presence of
    a rootkit on one of my Windows 2000 servers. I was able to grab the files
    and zip them, so maybe we can watch for this stuff in the future. I'm not
    sure if this rootkit has a particular name or whatnot; you can get the
    files here:
    
    http://www.soul-fu.com/beenhaxxored.zip
    
    Thanks Karl.
    
    -Drew
    
    
    



    This archive was generated by hypermail 2b30 : Thu Jun 12 2003 - 10:49:13 PDT