I help with Melbourne Perl Mongers.
I spend an awful lot of time talking about Perl, and have had my picture in the Australian newspapers with a camel. That's rather scary.
Happy New Rootkit
I'm back from holidays, and had intended to write about all the interesting diving I had managed to get done.
Unfortunately, the machine of one of our clients was compromised this afternoon, so instead I'm currently in the process of cleaning things up. I know how the attackers got in, and I have clean backups that verify without an issue. The main thing now is gaining physical access to the machine and the dull, dull task of cleaning the disks and initiating a restore. There's reason to believe that the kernel has been modified by a direct write to
This particular compromise falls into the "What? I didn't know we had that installed (outside of the packaging system)" category.