kernel brute segfault - Redhat

  1. kernel brute segfault

    I am running RHEL4 on Quad Opteron hardware.

    I started to see these in the logs:

    kernel: brute[29385]: segfault at 0000000000000000 rip 0000000008048e33 rsp 00000000ffffca30 error 4

    What is brute? What can I do about this?

    Thanks








  2. Re: kernel brute segfault

    On Mon, 15 May 2006 10:05:22 -0400 (EDT), FEEB wrote:

    >I am running RHEL4 on Quad Opteron hardware.
    >
    >I started to see these in the logs:
    >
    >kernel: brute[29385]: segfault at 0000000000000000 rip 0000000008048e33 rsp 00000000ffffca30 error 4
    >
    >What is brute? What can I do about this?
    >
    >Thanks


    Just for the record. Brute is an executable that is part of some SSH
    cracking package. The package tries to SSH to a predefined B-block of
    addresses using predefined combinations of login names and passwords (for
    instance login "test" with password "test").
    It generates a log file with combinations that returned a shell.

    The package was installed via a compromised user account (user has been
    known to distribute his passwords) from Romania and placed in /var/tmp and
    therefore invisible to "locate" (in RedHat several directories are exempt
    from updatedb, one of them is /var/tmp).

    The user has been dealt with.

    Cheers
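
The blind spot described in the reply above (files under directories that updatedb skips never show up in "locate") can be audited directly. This is an added example, not part of the original post; it assumes the skip list is a PRUNEPATHS="..." line in an updatedb.conf-style file, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: list executable files in directories that updatedb skips.
# Assumption: the skip list is a PRUNEPATHS="..." line in the config file
# passed as the first argument (typically /etc/updatedb.conf).

# Print each PRUNEPATHS entry of the given config file, one per line.
# Commented-out lines and other settings (PRUNEFS, ...) are ignored.
prune_paths() {
    sed -n '/^[[:space:]]*PRUNEPATHS[[:space:]]*=/{s/^[^=]*=//;s/"//g;p;}' "$1" \
        | tr -s '[:space:]' '\n' | sed '/^$/d'
}

# List regular files with any execute bit set under one directory,
# including dot-directories, without crossing filesystem boundaries.
# A pruned path that does not exist on this host is silently skipped.
executables_in() {
    [ -d "$1" ] || return 0
    find "$1" -xdev -type f \
        \( -perm -100 -o -perm -010 -o -perm -001 \) 2>/dev/null
}

# Report every executable that lives where locate will never index it.
scan_pruned() {
    prune_paths "$1" | while IFS= read -r dir; do
        executables_in "$dir"
    done
}

# Run only when a config path is given, e.g.:
#   sh scan_pruned.sh /etc/updatedb.conf
if [ $# -gt 0 ]; then
    scan_pruned "$1"
fi
```

Run it as root so unreadable subdirectories are not skipped, and compare the output against what is expected to live in those directories.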







