Date: Fri, 2 Nov 2001 11:31:10 +0000 From: Rasputin <rasputin@submonkey.net> To: Ralph Huntington <rjh@mohawk.net> Cc: security@freebsd.org Subject: Re: SubSeven trojan horse Message-ID: <20011102113110.A81496@shikima.mine.nu> In-Reply-To: <20011102055342.C92627-100000@mohegan.mohawk.net>; from rjh@mohawk.net on Fri, Nov 02, 2001 at 06:07:20AM -0500 References: <Pine.NEB.3.96L.1011101102651.99293A-100000@fledge.watson.org> <20011102055342.C92627-100000@mohegan.mohawk.net>
next in thread | previous in thread | raw e-mail | index | archive | help
* Ralph Huntington <rjh@mohawk.net> [011102 11:15]: > One of our FreeBSD 4.2-RELEASE machines is accused by mynetwatchman.com of > launching a SubSeven trogan horse attach. However, I do not find anything > odd about this machine. > > Is this even possible? I thought subseven was a Windows thing. Can it be > launched from bsd? Thanks. - Ralph Do you proxy for any windows boxes? If so, check your logs. If not, one ofthe users on the box may be playing with nessus or a portscanner, or just telnetting out on the right port to trigger firewalls. -- "I don't like spinach, and I'm glad I don't, because if I liked it I'd eat it, and I just hate it." -- Clarence Darrow Rasputin :: Jack of All Trades - Master of Nuns :: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011102113110.A81496>