On Tue, 22 Jan 2013 19:26:49 +0100 "Colin Hines"
wrote:
>I'm curious if this qualifies to be submitted to be
>included with rkhunter and if so, what's the best mechanism of
>doing that.
Usually I'd rather have people dump things at our SourceForge
tracker but since you mentioned it here I'll
On 01/22/2013 10:13 AM, Colin Hines wrote:
I came upon a hacked server in the wild that was running some errant perl
processes and found this: https://gist.github.com/4596612
I'm not sure it's technically a rootkit, since I don't believe it was able to exploit outside the security context of t
I came upon a hacked server in the wild that was running some errant perl
processes and found this: https://gist.github.com/4596612
I'm not sure it's technically a rootkit, since I don't believe it was able to
exploit outside the security context of the tomcat user. I'm curious if this
qualif
