ATTENTION SAMBA SECURITY TEAM... [slightly OT]
sketch at niihau.student.utwente.nl
Tue Apr 15 13:58:39 GMT 2003
On Tuesday 15 April 2003 08:24, Lanny Baron wrote:
> A system I use was toasted on the weekend. The attachment is what was
> left of /root on a FreeBSD box.
On my network multiple systems were compromised on the 4th of April, 3 days
before the vulnerability was announced. Please everyone, be VERY careful!
The rootkit that was used on linux/i86 was the SuckIT toolkit. You can check
if your system is compromised by typing:
ls -la /usr/share/locale/sk/.sx12
If this dir exists, you have been infected.
I understand this is a little offtopic but considering number of computers on
our network that were attacked (> 50 compromised!!!!) it might be relevant.
More information about the samba-technical