Hi, Do you have any details? The german notice sounds like someone broke into their nagios system, but not necessarily by a nagios backdoor.
Sven On 6/6/13 18:31, Kirill Bychkov wrote: > Hello list, > > I am client of Hetzner Online (http://hetzner.de) > They are sent me email this following text (part): > = > At the end of last week, Hetzner technicians discovered a "backdoor" in one > of our internal monitoring systems (Nagios). > > The malicious code used in the "backdoor" exclusively infects the RAM. First > analysis suggests that the malicious code directly infiltrates running Apache > and sshd processes. Here, the infection neither modifies the binaries of the > service which has been compromised, nor does it restart the service which has > been affected. > = > I wrote it just for information. > > > > ------------------------------------------------------------------------------ > How ServiceNow helps IT people transform IT departments: > 1. A cloud service to automate IT design, transition and operations > 2. Dashboards that offer high-level views of enterprise services > 3. A single system of record for all IT processes > http://p.sf.net/sfu/servicenow-d2d-j > > > _______________________________________________ > Nagios-users mailing list > Nagios-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when reporting > any issue. > ::: Messages without supporting info will risk being sent to /dev/null -- Sven Nierlein sven.nierl...@consol.de ConSol* GmbH http://www.consol.de Franziskanerstrasse 38 Tel.:089/45841-439 81669 Muenchen Fax.:089/45841-111 ------------------------------------------------------------------------------ How ServiceNow helps IT people transform IT departments: 1. A cloud service to automate IT design, transition and operations 2. Dashboards that offer high-level views of enterprise services 3. A single system of record for all IT processes http://p.sf.net/sfu/servicenow-d2d-j _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
