[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[connect24h:01489] Re: Backdoor $B$NBP=h%a%b(B

To: connect24h@xxxxxxxxxxxxx
Subject: [connect24h:01489] Re: Backdoor $B$NBP=h%a%b(B
From: Hideaki Ihara <hideaki@xxxxxxxxxxxxx>
Date: Wed, 21 Feb 2001 17:01:15 +0900

(BPort139 $B$$$O$i$G$9!#(B
(B
(BOn Wed, 21 Feb 2001 16:30:35 +0900
(BSonoda Michio <sonodam@xxxxxxxxx> wrote:
(B
(B>$B%P%C%/%I%"$r;E3]$1$i$l$F$$$k$H$7$?$i!"(Brootkit$BE*$J$b$N$r;E3]$1$i$l$F$$$k2DG=(B 
(B>$B@-$b9b$$$H;W$$$^$9!#(B
(B
(BLinux $B$J$i%*%U%i%$%s$G%V!<%H$5$;$F(B Tripwire $B$G%A%'%C%/$H$+$J$s$G(B
$B$7$g$&$1$I(B...$B%*%U%i%$%s%V!<%H$5$;$F%Y!<%9%i%$%s%G!<%?%Y!<%9$,$"(B
$B$l$P(B rootkit $B$,H/8+$G$-$k$O$:$G$9!"M}O@>e$O(B...$BC/$+5/F0MQ(B FD $B:n$j(B
$B$^$;$s!)!J$H$+$$$&!K(B
(B
(B>$B%7%9%F%`4IM}%3%^%s%IEy$GFbIt$+$iD4::$9$k$@$1$G$J$/!"30B&$+$i%]!<%H%9%-%c%s$9(B 
(B>$B$k$J$I$Nl9g$K$OH/8+$,(B
$B:$Fq$G$O$J$$$+$H;W$$$^$9!#(B
(B
$B%]!<%H%9%-%c%s$7$?7k2L!"2?$bBT$Ao$,$J$$$+$i0B?4$H(B
$B$$$&$N$O$A$g$C$H4m81$J5$$b$$$?$7$^$9$N$G!"(B
(B
$B!&FbIt%W%m%;%9$K$*$$$F30It$H5-21$N$J$$%;%C%7%g%s$,$d$j$H$j$5$l$F(B
(B  $B$$$J$$$+3NG'$9$k!#(B
(B
$B$H$$$&$3$H$bI,MW$+$H;W$$$^$9!#(B
(BWindows NT/2000 $B$G$"$l$P!"(BTCPView PRO $B;H$&$H$+$G$9$+$M!#(B
$B%U%j!<$N$@$H(B...$BL>A0K:$l$A$c$C$?(B...
$B2?$,2x$7$$%W%m%;%9$J$N$+$rH=CG$9$k$N$,!"%M%C%/$H$$$($P%M%C%/$G$9(B
$B$1$I(B...
(B
$B$"!"$I$N$_$A%]!<%H%9%-%c%s$7$F%]!<%H6u$$$F$k>l9g$K$O2?$,DL?.$7$F(B
$B$k$+3NG'$7$J$$$H0UL#$J$$$N$+(B...
(B
(Brootkit $B$^$G9MN8$9$k$N$G$"$l$P!"$H$$$&$+9MN8$7$J$$$H$[$s$H$O$$$1(B
$B$J$$$s$G$9$1$I!"$d$O$j:F%$%s%9%H!<%k$7$F0BA4$@$H3NG'$G$-$F$$$k%G(B
$B!<%?$N$_$rI|5l$5$;$k$H$$$&J}K!$,0BA4$H$$$&0UL#$G$O%Y%9%H$J5$$,8D(B
$B?ME*$K$O$7$^$9!#(B
(BTripwire $B$r;H$C$F$$$k>l9g$K$O!"(Brootkit $B<+BN$NH/8+$O:$Fq$G$b%G!<%?(B
$B$=$N$b$N$N%A%'%C%/$O0MA3M-8z$G$9$+$i!"4F;kBP>]$r%A%'%C%/$7$F0[>o(B
$B$,$J$1$l$P4F;kBP>]$N%G!<%?$O:F%$%s%9%H!<%k$7$?%7%9%F%`$KLa$7$F$b(B
$B0BA4$G$9!#(B
(BTripwire $B$H$+$r$$$l$F$J$$>l9g$K$O!"@_Dj%U%!%$%k$J$IA4It:n$jD>$9$+(B
$B0BA4$@$H3NG'$G$-$k$b$N$@$1%j%9%H%"$9$k$C$F$H$3$m$G$7$g$&$+(B...
(B
(B---
(BWinSyslog,EventReporter $BHNGdCf(B: http://adiscon.port139.co.jp/
(B
(BHideaki Ihara <hideaki@xxxxxxxxxxxxx>
(BPort139 URL: http://www.port139.co.jp/
(BPGP PUBLIC KEY: http://www.port139.co.jp/pgp/

Follow-Ups:
- [connect24h:01495] Re: Backdoor $B$NBP=h%a%b(B
  - From: Sonoda Michio

References:
- [connect24h:01484] Backdoor $B$NBP=h(B$B%a%b(B
  - From: DANNA
- [connect24h:01486] Re: Backdoor $B$NBP=h%a%b(B
  - From: Sonoda Michio

Prev by Date: [connect24h:01488] $BHFMQ(B JP $B%I%a%$(B$B%s(B
Next by Date: [connect24h:01490] Re: $BKhF|$O!VCf9q(B$B?M!W$HJsF;$7$F$^$9(B
Previous by thread: [connect24h:01486] Re: Backdoor $B$NBP=h%a%b(B
Next by thread: [connect24h:01495] Re: Backdoor $B$NBP=h%a%b(B
Index(es):
- Date
- Thread

[connect24h:01489] Re: Backdoor $B$NBP=h%a%b(B

[connect24h:01489] Re: Backdoor $B$NBP=h%a%b(B