On Monday 11 April 2005 15:36, Chris Kenward wrote: > Hi Reuben > > > If I recall correctly, you mentioned that the blackhole file was > > an executable / binary, rather than a source code. So it's probably > > already compiled and dropped to your machine. > > 100% Correct. What I cannot understand is how the file would have been > transferred. Would it have been possible that the hacker used Apache on the > box and simply uploaded the file? The mind boggles. It's a posibility. If your apache is compromised through one of the vulnerable program/package (eg. cgi stuff) that is run there, then it's possible for hacker to get shell access, and basically download anything that the hacker wants to your machine, like more exploit, IRC bots, etc. RDB -- Reuben D. Budiardja Dept. Physics and Astronomy University of Tennessee, Knoxville, TN -----BEGIN GEEK CODE BLOCK----- Version: 3.12 GIT/M/MU/P/S d-(++) s: a-- C++(+++) UL++++ P-- L+++>++++ E- W+++ N+ o? K- w--- !O M- V? !PS !PE Y PGP- t+ 5 X R- tv+ b++>+++ DI D(+) G e++>++++ h+(*) r++ y->++++ ------END GEEK CODE BLOCK------ -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
