[unisog] hacked win2k machine

hermit921 hermit921 at yahoo.com
Sat Dec 8 00:27:44 GMT 2001


Unless you have been running a secure analog of tripwire so you can be 
certain you know all the altered files (and registry changes!), you had 
better reformat and reinstall.  Once a computer has been compromised, you 
don't know what other files may have been altered.

hermit921

At 03:47 PM 12/7/01 -0800, West, Ken wrote:
>I've got a machine that was participating in dDOS attack. It was win2k with
>sp1.  I would like to know more about the exploit.  I found firedaemon,
>detach, pktopass on running on the machine, does this sound familiar?  Is it
>cleanable or are we looking at a rebuild?
>
>thanks,
>Ken


_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com



More information about the unisog mailing list