On Thu, 7 Sep 2000, Matt Fahrner wrote:

>One thing I can't find a good document on is *how* these denial of
>service programs (the binaries) got onto the Linux boxes in the first
>place. Were they installed through the "rpc.statd" hole? Is it IRC
>buffer overflow issue (it doesn't sound like it)? How did the trojan
>horses get onto the systems? The docs I find concentrate on finding the
>trojan itself but not closing the hole(s) that allowed the trojan in in
>the first place (which is frankly more my concern).

Someone could have broke in via any one of a tonne of known or
unknown holes and installed a DoS trojan.  If you're infected, it
is unlikely that you'll determine how...  

--
Mike A. Harris  |  Computer Consultant  |  Capslock Consulting
Linux Advocate  |  Open Source Advocate |  Red Hat Linux Fanatic
"A Firewall is really much like a sophisticated traffic cop; it detects and
stops unauthorized or suspicious movement in or out of the network. But
security is more than a Firewall; it's a process. You can't just put in a
Firewall and think you're secure."



_______________________________________________
Redhat-devel-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-devel-list

Reply via email to