DEVNULL
'Devnull' is the name of a computer worm for the Linux operating system which has been named after /dev/null, Unix's null device. This worm was found on 30 September 2002.
This worm, once the host has been compromised, downloads and executes a shell script from a web server. This script downloads a gzipped executable file named k.gz from the same address, and then decompresses and runs the file.
This downloaded file appears to be an IRC client. It connects to different channels and waits for commands to process on the infected host.
Then the worm checks for the presence of the GCC compiler on the local system and, if it is found, creates a directory called .socket2. Next it downloads a compressed file called devnull.tgz. Decompressing it produces two files: an ELF binary called devnull and a C source file called sslx.c. The latter is compiled into an ELF binary called sslx.
The devnull executable scans for vulnerable hosts and uses the compiled sslx program to exploit the known OpenSSL vulnerability.
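A filename-based sweep for the artifacts named above, as an added example that is not part of the original article: it walks a directory tree looking for .socket2, k.gz, devnull.tgz, devnull, sslx.c and sslx. The article does not say where these files are written, so the whole-tree walk, the likely/review scoring and the sample layout are assumptions.

```python
import os
import tempfile

# Names taken from the description above; everything else here is assumed.
ARTIFACT_FILES = {"k.gz", "devnull.tgz", "devnull", "sslx.c", "sslx"}
ARTIFACT_DIR = ".socket2"


def sweep(root):
    """Map each directory under root to the artifact names found in it."""
    hits = {}
    for dirpath, dirnames, filenames in os.walk(root, followlinks=False):
        found = sorted(ARTIFACT_FILES.intersection(filenames))
        if ARTIFACT_DIR in dirnames:
            found.append(ARTIFACT_DIR + "/")
        if found:
            hits[dirpath] = found
    return hits


def classify(dirpath, found):
    """Assumed heuristic: names like 'devnull' are weak alone, so require
    the .socket2 directory or at least two artifacts for 'likely'."""
    in_socket2 = os.path.basename(dirpath) == ARTIFACT_DIR
    if in_socket2 or ARTIFACT_DIR + "/" in found or len(found) >= 2:
        return "likely"
    return "review"


def build_sample_tree(root):
    """Constructed sample layout (not from a real host) for a dry run."""
    layout = {
        "tmp": ["k.gz"],
        "tmp/.socket2": ["devnull.tgz", "devnull", "sslx.c", "sslx"],
        "home/user/project": ["devnull"],  # lone, probably unrelated file
    }
    for rel, names in layout.items():
        os.makedirs(os.path.join(root, rel), exist_ok=True)
        for name in names:
            open(os.path.join(root, rel, name), "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        build_sample_tree(root)
        for dirpath, found in sorted(sweep(root).items()):
            print(classify(dirpath, found), dirpath, ", ".join(found))
```

Name matches are only a starting point for triage: a renamed file is missed, and an unrelated file with one of these names is flagged for review.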
See also
★ List of Linux computer viruses
External links
★ F-Secure's Website: Linux/Devnull
This article is provided by Wikipedia.



