%-> A recent popular method of gaining root access to some
%-> networked machines
%-> involved exploitation of the NXT record buffer overflow in
%-> BIND; it became
%-> so popular in later March that CERT put out a new advisory on
%-> the problem
%-> which had been the subject of an advisory last
A recent popular method of gaining root access to some networked machines
involved exploitation of the NXT record buffer overflow in BIND; it became
so popular in later March that CERT put out a new advisory on the problem
which had been the subject of an advisory last year. This issue is why
R
hm. very puzzling. this is ps output from a Solaris
box, isn't it?
Brad wrote:
>
> Dear all,
> I am a newbie as a administrator of company's workstations.
> Now I find(use "netstat") someone use Scorpio(one of workstaions) as a
> tcp proxy server at port 60400, but I don't know how to stop
> it
I'm not sure, but the 60400 port may be the Trin00 stuff... I got hacked
with that one, & I never did find the daemon that was running... It looked
a liitle to me like the script is set up to run periodically, maybe by cron
- so check your cron.hourly, etc for something that'll run things that
s
