[unisog] hacked win2k machine

hermit921 hermit921 at yahoo.com
Sat Dec 8 00:27:44 GMT 2001

Unless you have been running a secure analog of tripwire so you can be 
certain you know all the altered files (and registry changes!), you had 
better reformat and reinstall.  Once a computer has been compromised, you 
don't know what other files may have been altered.


At 03:47 PM 12/7/01 -0800, West, Ken wrote:
>I've got a machine that was participating in dDOS attack. It was win2k with
>sp1.  I would like to know more about the exploit.  I found firedaemon,
>detach, pktopass on running on the machine, does this sound familiar?  Is it
>cleanable or are we looking at a rebuild?

Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com

More information about the unisog mailing list