hehe, yeah sometimes trickie attackers do come around, they're script kiddies in nature as they don't know much about what the exploit is doing, for them it just gets them root. But at times they are good users of linux/unix etc. I once saw a backdoor which spawns a rootshell on any custom port on recieving a ping packet with a particular pattern in it. like ping -p opensesame backdoored.box.ip and then telneting to the port defined in backdoor. This isn't a biggie as such backdoors do exist, but i saw an ipchains rule disallowing icmp from all and only from a few ip's which were attacker's already rooted boxes. And once i saw an attacker trying to debug a backdoor's faulty DES schema on one of EFNET's channel. So there are certain levels concerning unix/linux/programming skills among skiddies too. They should never be under-estimated.
Regards, --------- Muhammad Faisal Rauf Danka Chief Technology Officer Gem Internet Services (Pvt) Ltd. web: www.gem.net.pk Vice President Pakistan Computer Emergency Responce Team (PakCERT) web: www.pakcert.org Chief Security Analyst Applied Technology Research Center (ATRC) web: www.atrc.net.pk --- Matthew Berg <[EMAIL PROTECTED]> wrote: >On Sun, 2002-06-09 at 16:19, Terry Browning wrote: > _____________________________________________________________ --------------------------- [ATTITUDEX.COM] http://www.attitudex.com/ --------------------------- _____________________________________________________________ Promote your group and strengthen ties to your members with [EMAIL PROTECTED] by Everyone.net http://www.everyone.net/?btn=tag
