| From: | Clyde Hannan |
| Date: | 9 Apr 2001 at 20:26:16 |
| Subject: | Re: Paranoid? |
Graham wrote:
>
> Hi all,
> I hope I'm not going to start a paranoid stampede or anything & I hope I'm
> wrong but... I just downloaded the latest versions of FBlit,BlazeWCP &
> StackAttack from Aminet (todays uploads I think) I then noticed a few new
> tasks in scout, something called "zakandhackandpak" or something & miami
> was reporting someone trying to access port 113 I ran a trace on the IP &
> it was Haage&partener!!!. I've now reverted back to the older versions of
> the above files & the mystery tasks have disappeared & no more attempted
> access. Like I said I dont want to start a panic but something is not
> right, would appreciate it if someone out there with a little more
> technical knowledge (not hard I know) could look into this & let us know
> whats going on.
There were several postings about this on Amiga News Network (http://www.ann.lu)
and I think that it has been confirmed that they are Trojan / backdoor viruii.
Afaik the one trying to access H&P is to mailbomb them and is apprently setup to
make it look like its abusive stuff from the people involved with MorphOS.
So yes, everyone stay well clear of those files.
------------------------ Yahoo! Groups Sponsor ---------------------~-~>
Do you have 128-bit SSL encryption server security?
Get VeriSign's FREE Guide, "Securing Your
Web Site for Business." Get it now!
http://us.click.yahoo.com/EVNB7A/c.WCAA/bT0EAA/d8AVlB/TM
---------------------------------------------------------------------_->
Quote carefully and read all ADMIN:README mails
Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/