nagios backdoor

Sven Nierlein Sven.Nierlein at Consol.de
Thu Jun 6 20:46:22 CEST 2013


Hi,

Do you have any details? The German notice sounds like someone broke
into their Nagios system, but not necessarily by a Nagios backdoor.

  Sven


On 6/6/13 18:31, Kirill Bychkov wrote:
> Hello list,
>
> I am a client of Hetzner Online (http://hetzner.de).
> They sent me an email with the following text (part):
> =
> At the end of last week, Hetzner technicians discovered a "backdoor" in one
> of our internal monitoring systems (Nagios).
>
> The malicious code used in the "backdoor" exclusively infects the RAM. First
> analysis suggests that the malicious code directly infiltrates running Apache
> and sshd processes. Here, the infection neither modifies the binaries of the
> service which has been compromised, nor does it restart the service which has
> been affected.
> =
> I wrote it just for information.
>
> _______________________________________________
> Nagios-users mailing list
> Nagios-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/nagios-users
> ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
> ::: Messages without supporting info will risk being sent to /dev/null


-- 
Sven Nierlein             Sven.Nierlein at consol.de
ConSol* GmbH              http://www.consol.de
Franziskanerstrasse 38    Tel.:089/45841-439
81669 Muenchen            Fax.:089/45841-111

