On Wed, 7 Feb 2001, Matthias G. Imhof wrote: > Performing strobe or nmap on my system, I get, e.g., the following list:
(omissis) It is very likely that your host has been compromised and a rootkit installed. Do not trust any of the utilities on that host. Instead, boot off a (trusted) rescue cd with a clean system on it, and check with it. Be careful how you take down that computer: I have seen crackers install background processes that monitor e.g. the connectivity of the computer and do an "rm -rf /" command if they suspect they have been caught. As crazy as it sounds, if your computer has indeed been compromised the safest thing may indeed be to simply cut the power off. Whatever you do, be careful. Bye Giacomo _________________________________________________________________ Giacomo Mulas <[EMAIL PROTECTED], [EMAIL PROTECTED]> _________________________________________________________________ OSSERVATORIO ASTRONOMICO Str. 54, Loc. Poggio dei Pini * 09012 Capoterra (CA) Tel.: +39 070 71180 216 Fax : +39 070 71180 222 _________________________________________________________________ "When the storms are raging around you, stay right where you are" (Freddy Mercury) _________________________________________________________________