[Linux-disciples] Suspicious Files
Dylan Thurston
linux-disciples@bostoncoop.net
Tue, 20 Jan 2004 21:50:51 -0500
--aM3YZ0Iwxop3KEKx
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Jan 20, 2004 at 09:38:36PM -0500, Adam Kessel wrote:
> Suspicious files have been appearing in various directories on my system,
> e.g.:
>=20
> -rw-r--r-- 1 adam adam 0 2004-01-20 16:24 H.D?
>=20
> There was one yesterday with some UTF-8 (accented) type characters in it.
> I have no idea where these are coming from. Any ideas about what might be
> creating them or how to catch the culprit?
It's unlikely to be a hack, but you should run chkrootkit anyway.
Do they appear in any sort of consistent location? That file is recent,
I notice.
Peace,
Dylan
--aM3YZ0Iwxop3KEKx
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFADekKVeybfhaa3tcRAhzOAJ9AyvFjNeeSfH17BLW2ZRnLTCnUfACfdS7B
G70E/l4tt5FgwBwaAfotdzM=
=9ket
-----END PGP SIGNATURE-----
--aM3YZ0Iwxop3KEKx--