Betr.: RE: [Full-Disclosure] Automated ssh scanning
BlueBoar at thievco.com
Fri Aug 27 02:49:01 BST 2004
> LOL that file is infected with rst.b and you ran it?? hope it was inside
> a chroot() other wise time to replace every elf binary >:)
Who, me? No. I opened it with Notepad, as indicated in my mail.
If you've been following the thread, you'll see the bit where it was run
is a paste from an earlier note showing the history file. In this case,
it was the original attacker/script that did so, I believe.
Full-Disclosure is hosted and sponsored by Secunia.