Koozali.org: home of the SME Server

E-smith 5.1.2 compromised with psyBNC rootkit

NickR

E-smith 5.1.2 compromised with psyBNC rootkit
« on: March 19, 2004, 09:34:15 PM »
Just a heads-up for anyone still using 5.1.2.

I have had 2 reports in the last week of fully patched 5.1.2 servers being compromised and turned into IRC anonymizers using the psyBNC rootkit.

Unfortunately, one of the machines was re-formatted before any forensics could be done. However, the other one is still intact & I will hopefully be getting the disk next week.

I will report back here if I can discover exactly how the box was compromised.
--
Nick......

Anonymous

Re: E-smith 5.1.2 compromised with psyBNC rootkit
« Reply #1 on: March 22, 2004, 11:27:34 AM »
Could you tell us how you found out? Is there something we should be looking out for?

-- Jason