Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Tue, 17 Jul 2001 06:28:34 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Tue, 17 Jul 2001 06:28:24 -0400 Received: from tahallah.demon.co.uk ([158.152.175.193]:36360 "EHLO tahallah.demon.co.uk") by vger.kernel.org with ESMTP id ; Tue, 17 Jul 2001 06:28:16 -0400 Date: Tue, 17 Jul 2001 11:26:58 +0100 (BST) From: Alex Buell X-X-Sender: Reply-To: To: "Michael H. Warfield" cc: Alexander Viro , "Albert D. Cahalan" , Adam , Mailing List - Linux Kernel Subject: Re: Duplicate '..' in /lib In-Reply-To: <20010716222215.A4695@alcove.wittsend.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 16 Jul 2001, Michael H. Warfield wrote: > You HAVE to boot from other media. Some of these suckers have > Linux kernel modules (we'll keep it a little on topic here) like Adore > and KIS that hide processes, connections, services, and files. You can > not trust your kernel if you may have been compromised. All I can say this fscking sucks! OK, I'll have to go over the system with a fine toothed comb and see what's been done to it. Fortunately I'm on a very slow dialup, so it may not be too troublesome. > No joke... And I do believe they done got you. Fscking script kiddies. Oh well, will let you know what I find. I'm just wondering how they managed to get in given that I never download binaries and always compile from sources myself. Probably through a compromised TCP/IP service, I bet. -- Hey, they *are* out to get you, but it's nothing personal. http://www.tahallah.demon.co.uk - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/