-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Monty Ree wrote:
Hello, all.
I have operated linux server for a long time.
and I have found that some irc(psybnc etc) related program was installed
after scan or hacking.
I can't understand Why attackers installed and executed irc program?
Why attackers use irc after hacking?
Just chatting is not...I guess..
Monty,
Hackers often use IRC for two activities:
1) Talking to other hackers
2) Controlling botnets
Since both of these activities can get them in trouble, they prefer not
to come from their own IP address. PsyBNC is an IRC connection bouncer.
They can connect to psyBNC on your machine before connecting to an IRC
server, and any investigation into who they are will end at your system
instead of their own.
Or better yet, use a series of connection bouncers to make it even more
difficult to track them down.
- --
Gregory Boyce | gboyce@akamai.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFER+LnRy7J/ecQa/MRAsMOAJ9h7LwB9G/dz4Vu2kej+8Lpu4dStwCfVT2K
fWGp1Ebb5fv79QTHsQAYUJ0=
=naJL
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
This List Sponsored by: Webroot
Don't leave your confidential company and customer records un-protected.
Try Webroot's Spy Sweeper Enterprise(TM) for 30 days for FREE with no
obligation. See why so many companies trust Spy Sweeper Enterprise to
eradicate spyware from their networks.
FREE 30-Day Trial of Spy Sweeper Enterprise
http://www.webroot.com/forms/enterprise_lead.php
--------------------------------------------------------------------------
