[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] have I been 0wn3d?
- Subject: Re: [cobalt-security] have I been 0wn3d?
- From: John Bailey <support@xxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 16 Sep 2002 21:07:15 +0100 (BST)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> So basically, there's plenty of info on this list for me to protect
> myself, but I'm afraid that I've already been owned. Can someone give me
> a bit of insight as to how to find out for sure?
According to those who've seen it (and assuming that there are no
variants out yet):
-) "ps -ax | grep bugtraq" will show a process ".bugtraq" if it's running.
-) There'll be a file called /tmp/.bugtraq.c in the machine containing the
worm's source.
HTH,
John