[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Re: Backdoor over http(s)??


Well, actually the 218-machine has an open smtp-port, and accepts whatever You 
can imagine.. I sent already a message to "all" there about these findings...

And the domain where this IP is, is somewhere in far-east, at least what I can 
tell about the bird-feet chars that comes up there...


Tobias Weisserth kirjoitti viestissään (lähetysaika Tiistai 13. Tammikuuta 
2004 18:52):
> Hello Mark,
> Am Die, den 13.01.2004 schrieb Retallack, Mark (Siemens) um 17:27:
> > As far has I can tell there are 2 IP address that we have:
> >
> > - From where the files are downloaded
> >    - Where the application connects to when it is run on the
> > compromised machine.
> Ah. I didn't notice there are two machines involved here. Is there a way
> to find out who is running those machines and send along a message to
> shut down one of them so that this scriptkiddy has to look for another
> victim?

Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here