[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] have I been 0wn3d?

Subject: RE: [cobalt-security] have I been 0wn3d?
From: "Gary M. Root" <groot@xxxxxxxxxxxxxxx>
Date: Mon, 16 Sep 2002 13:15:55 -0700
Organization: Liquid Spark, LLC
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

|> So basically, there's plenty of info on this list for me to protect
|> myself, but I'm afraid that I've already been owned. Can 
|someone give me
|> a bit of insight as to how to find out for sure?
|
|According to those who've seen it (and assuming that there are no
|variants out yet):
|
|-) "ps -ax | grep bugtraq" will show a process ".bugtraq" if 
|it's running.

I don't see anything when I type the command correctly, but I also
accidentally typed:

"ps -ax | grep bugtrag" (with a "g")

And I get:

"24002 pts/0    S      0:00 grep bugtrag"

What does that mean??

|-) There'll be a file called /tmp/.bugtraq.c in the machine 
|containing the
|worm's source.
|
|HTH,
|
|John
|
|
|_______________________________________________
|cobalt-security mailing list
|cobalt-security@xxxxxxxxxxxxxxx
|http://list.cobalt.com/mailman/listinfo/cobalt-security
|
|

Follow-Ups:
- Re: RE: [cobalt-security] have I been 0wn3d?
  - From: Menno M Jansz
- RE: [cobalt-security] have I been 0wn3d?
  - From: Jamie - i-Dot

References:
- Re: [cobalt-security] have I been 0wn3d?
  - From: John Bailey

Prev by Date: RE: [cobalt-security] have I been 0wn3d?
Next by Date: Re: RE: [cobalt-security] have I been 0wn3d?
Previous by thread: Re: [cobalt-security] have I been 0wn3d?
Next by thread: Re: RE: [cobalt-security] have I been 0wn3d?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index