Need some help

Drew B. [Security Expertise/Freelance Security research]. d4rkstorm at gmail.com
Sat May 14 08:29:21 PDT 2005


Hello,
I would like to ask for some specialist assistance in dissecting a
'rootkit' (seems to be mass-mailing specific, crafted somehow from
another kit perhaps).

It was found running on 5.x machines belonging (so far), to my
knowledge, to 2 companies, one of which was an ISP and another a webhosting
service running BSD.
I will provide the kit and further details as soon as I am sure the
thing will be dealt with by someone official.
Being properly examined so all exploits within it can be marked
out, whether new and/or old-modified, is important and I cannot
successfully complete dissection with my current equipment.
The attacks are still happening, the familiar 'eBay' login page or
PayPal, however, the bug itself is Linux-platform specific, extremely
stable, and extremely hard to remove.
Anyone interested who has the ability, especially an A/V tech/worker
with a certificate from the company or at least email header, or anyone
associated that can link this to FreeBSD security officially.
I can confirm that it is stable and running on v5.x FreeBSD now, and
have no idea how long it has been around.
Regards,
(&&assist)
--------------------------------------------------------------------
Drew B.
Independent Security analysis, for Aussies.
Security researcher/expert, threat-focus, Freelance.

