[Full-disclosure] Devil Linux has NO irc bots onboard
Victor Grishchenko
gritzko at plotinka.ru
Fri Oct 20 15:47:04 BST 2006
Hi!
Just to confirm that we found traces of the actual intrusion. There
are no IRC bot in Devil Linux 1.2.10 distro. Sorry for my previous
mail. It was just a coincidence of coincidences both of technical and
human nature.
Namely, there was an intrusion to a DL host not exposed to the
internet (low-probability event) made in a short timeframe from
reboot to the moment the bot was discovered (l-p event). The
intrusion was made via a chain of DMZ/intranet hosts (lpe). Also, our
proxy cached a zero-size page for devil-linux.org for unknown reason
(lpe). There were also other low-probability events.
Devil Linux is OK, we are going to use it in production after
performing all the necessary exorcism procedures.
Victor
Full-Disclosure is hosted and sponsored by Secunia.