ZK rootkit information?
This is a discussion on ZK rootkit information? within the Linux Security forums, part of the System Security and Security Related category; A client of mine recently had a server hacked, and while poking around I found a rootkit by the name ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
08-24-2003
|
|||
|
|||
ZK rootkit information?
A client of mine recently had a server hacked, and while poking around
I found a rootkit by the name of ZK installed. I checked around a bit, and while chkrootkit seems to have recently added this to it's repetoir, I couldn't find much in the way of references to it anywhere. Is this old news and I'm just out of the loop, or would people benefit from my digging through this kit's installation files and posting some info on how it works? 
|
|
08-24-2003
|
|||
|
|||
|
Re: ZK rootkit information?
scott@csshosting.net (Scott Seltzer) writes:
> A client of mine recently had a server hacked, and while poking around I > found a rootkit by the name of ZK installed. I checked around a bit, and > while chkrootkit seems to have recently added this to it's repetoir, I > couldn't find much in the way of references to it anywhere. > > Is this old news and I'm just out of the loop, or would people benefit > from my digging through this kit's installation files and posting some > info on how it works? Chkrootkit claims to be able to identify it, but hints that support's been improved recently; maybe you could research how it detects it, and see if your infestation differs? ~Tim -- And we feel those flickering moments |piglet@stirfried.vegetable.org.uk Like silk, the flags of our days |http://spodzone.org.uk/
|
Linear Mode
