[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [suse-security] Re: Backdoor over http(s)??
Well, actually the 218-machine has an open smtp-port, and accepts whatever You
can imagine.. I sent already a message to "all" there about these findings...
And the domain where this IP is, is somewhere in far-east, at least what I can
tell about the bird-feet chars that comes up there...
Tobias Weisserth kirjoitti viestissään (lähetysaika Tiistai 13. Tammikuuta
> Hello Mark,
> Am Die, den 13.01.2004 schrieb Retallack, Mark (Siemens) um 17:27:
> > As far has I can tell there are 2 IP address that we have:
> > 126.96.36.199 - From where the files are downloaded
> > 188.8.131.52 - Where the application connects to when it is run on the
> > compromised machine.
> Ah. I didn't notice there are two machines involved here. Is there a way
> to find out who is running those machines and send along a message to
> shut down one of them so that this scriptkiddy has to look for another
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here