7 May
2009
7 May
'09
12:53 a.m.
On Wed, May 6, 2009 at 11:13 PM, chuks Jonia <chuksjonia@gmail.com> wrote:
If havent checked your logs, please do. Alot of guys are bruteforcing using dongles and gaining access to systems. Check http://lists.my.co.ke/pipermail/security/2009-May/000104.html
./Chuks
Seen this before, was a rootkit running on a poorly secured *nix box that was poorly secured. Usually IRC bots, but could be different. At least was IRC then. The rootkit does the brute force attack and reports back to an IRC channel once it hits another box, then that can be used to relay spam, porn, warez...the works....and oh yes, another brute force attack. BR, S