[nsp-sec] ACK 26496 - Re: rooted UNIX boxes
Greg Schwimer
gschwimer at godaddy.com
Tue Jun 28 12:05:17 EDT 2011
On Tue, 2011-06-28 at 11:27 +0200, Dirk Stander wrote:
> ----------- nsp-security Confidential --------
>
> Hi,
>
> please find attached a list of compromised servers found
> in an email drop box. The servers do have a userland root
> kit installed and are running a trojanized ssh/sshd.
>
> I'm not sure about the initial attack vector.
>
> The format of the list is:
> <ASN> | <CC> | <IP> | <PTR> | <time GMT> | <SMTP sender> | <AS DESC>
>
> kind regards, Dirk Stander (1&1 Internet AG) :.
>
More information about the nsp-security
mailing list