Hi, 2011/2/24 Matthew D Truch <matt@xxxxxxxxx>: > Sorry for the mostly off-topic post, but google hasn't been my friend > lately and I don't know where to turn. > > We've had a few machines (mostly non-Fedora machines) which seem to have > a kind of rootkit installed on them, and write data to a file called > /var/run/.defunct among other non-niceties. Of course, we're going to > wipe the machines in question but googling doesn't seem to provide us > with any info and we'd like to make sure that whatever exploit got the > system cracked in the first place is patched up this time around. Without an investigation, which will show what was the object of attack and what vulnerability was exploited you can not be sure whether the newly installed system will not be exposed to this vulnerability. > Any > ideas? > > -- > "299792458 m/s. It's not just a good idea, It's the law." > -------------------------- > Matthew Truch > Department of Physics and Astronomy > University of Pennsylvania > matt@xxxxxxxxx > http://matt.truch.net/ > > -- > devel mailing list > devel@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/devel > -- Best regards, Michal http://eventhorizon.pl/ -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
