Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Re: Suspicious files in /tmp
Jun 18 2007 04:47PM
Matt D. Harris (mdh solitox net)
They're being executed despite filesystem mount options because the
script isn't being executed, the perl interpretter is. The script is
being read and interpretted by the perl interpretter. Interesting - I
hadn't thought of this before. Some logic to check the underlying
filesystem of a scri...
[ more ]
Copyright 2010, SecurityFocus