|
|
Incidents
Re: Increased activity on port 110 Feb 27 2007 07:29AM joakim berge gmail com (1 replies) Anybody recognize this Solaris compromise? Apr 13 2007 06:46PM David Gillett (gillettdavid fhda edu) (2 replies) Re: Anybody recognize this Solaris compromise? Apr 13 2007 09:30PM Axel Pettinger (api worldonline de) Re: Anybody recognize this Solaris compromise? Apr 13 2007 08:50PM Jamie Riden (jamie riden gmail com) (2 replies) Re: Anybody recognize this Solaris compromise? Apr 13 2007 09:42PM Matthew T. Fata (matt credibleinstitution org) |
|
Privacy Statement |
> http://www.kb.cert.org/vuls/id/881872
>
> Reformat and re-install? It's the only way to be sure you've cleaned
> it properly. Probably cheaper than a thorough forensic examination as
> well.
Ditto. If you've got a full capture of the outgoing telnet sessions
(the ones that could connect), it might be pretty easy to confirm this
is the vuln the attacker has been exploiting.
tim
------------------------------------------------------------------------
-
This list sponsored by: SPI Dynamics
ALERT: "How a Hacker Launches a SQL Injection Attack!"-
SPI Dynamics White Paper
It's as simple as placing additional SQL commands into a Web Form input
box giving hackers complete access to all your backend systems!
Firewalls and IDS will not stop such attacks because SQL Injections are
NOT seen as intruders. Download this *FREE* white paper from SPI Dynamics
for a complete guide to protection!
https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000CiN
E
------------------------------------------------------------------------
--
[ reply ]