RE: there's a hacker!

2000-05-21 Thread Juha Saarinen
%-> A recent popular method of gaining root access to some %-> networked machines %-> involved exploitation of the NXT record buffer overflow in %-> BIND; it became %-> so popular in later March that CERT put out a new advisory on %-> the problem %-> which had been the subject of an advisory last

RE: there's a hacker!

2000-05-20 Thread Rick Warner
deny > ie: 60400:ALL > > > > -Original Message- > > From: Brad [SMTP:[EMAIL PROTECTED]] > > Sent: Sunday, May 14, 2000 9:07 PM > > To: [EMAIL PROTECTED] > > Subject:there's a hacker! > > > > Dear all, > > I am a newb

Re: there's a hacker!

2000-05-20 Thread Sam Bayne
hm. very puzzling. this is ps output from a Solaris box, isn't it? Brad wrote: > > Dear all, > I am a newbie as a administrator of company's workstations. > Now I find(use "netstat") someone use Scorpio(one of workstaions) as a > tcp proxy server at port 60400, but I don't know how to stop > it

RE: there's a hacker!

2000-05-20 Thread Burke, Thomas G.
Message- > From: Brad [SMTP:[EMAIL PROTECTED]] > Sent: Sunday, May 14, 2000 9:07 PM > To: [EMAIL PROTECTED] > Subject: there's a hacker! > > Dear all, > I am a newbie as a administrator of company's workstations. > Now I find(use "netstat") someone us

there's a hacker!

2000-05-18 Thread Brad
Dear all, I am a newbie as a administrator of company's workstations. Now I find(use "netstat") someone use Scorpio(one of workstaions) as a tcp proxy server at port 60400, but I don't know how to stop it.I used the "ps" command, it displayed as follows: UID PID PPID CSTIME TTY