Ice Czar
acascianelli said: haha, so he's not even installing the Windows updates which he deemed the needed step in preventing infections?
I just read back in the thread
pretty sure he's not infected, or at least by that, he is on Red Hat
he is however hosting infected files for his "friends"
provided he's not just trolling, and that he was truthful
he has indeed provided enough information to be compromised
and since he is under the delusion that he can actually spot an infection or rootkit
he may already be compromised, as I pointed out before, once a rootkit has been run on you
all "evidence", be it signature or heuristic based activity, is generally removed
anything that might tip the hand
http://www.honeynet.org/ > http://www.honeynet.org/papers/index.html > Know Your Enemy: III - 27 March, 2000
What happens after the script kiddie gains root. Specifically, how they cover their tracks while they monitor your system. The paper goes through step by step on a system that was compromised, with system logs and keystrokes to verify each step. NOTE: This paper is no longer maintained and is considered out of date.