[unisog] hacked win2k machine
hermit921 at yahoo.com
Sat Dec 8 00:27:44 GMT 2001
Unless you have been running a secure analog of tripwire so you can be
certain you know all the altered files (and registry changes!), you had
better reformat and reinstall. Once a computer has been compromised, you
don't know what other files may have been altered.
At 03:47 PM 12/7/01 -0800, West, Ken wrote:
>I've got a machine that was participating in dDOS attack. It was win2k with
>sp1. I would like to know more about the exploit. I found firedaemon,
>detach, pktopass on running on the machine, does this sound familiar? Is it
>cleanable or are we looking at a rebuild?
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
More information about the unisog