Interesting. It appears the thread was deleted about the time California got to work this morning. That's one way to handle security threats, I suppose. Here's what's left of it on Google...
Rootkit Found on my Trixbox Server | trixbox
Jan 26, 2009
... A quick Google turned up many hints that this was
rootkit related. I ran
rootkit hunter, but this turned up nothing.
...
www.trixbox.org/forums/trixbox-forums/open-discussion/rootkit-found-my-trixbox-server - 4 hours ago -
Similar pages -
Rootkit Found on my Trixbox Server | trixbox
- 3:22pmJan 26, 2009
... On further checking, I found evidence of the
zk rootkit - eg: an
init.
zk file in /sbin. At this point I just started a reinstall - which took all of about 30 mins, including a config restore. Now, this server is behind a hardware firewall with no general access and the only ports open are those for SIP, RTP and IAX2.
...
www.trixbox.org/forums/trixbox-forums/open-discussion/rootkit-found-my-trixbox-server - 5 hours ago
Rootkit Found on my Trixbox Server | trixbox
- 3:22pmJan 26, 2009
... So I get in via this and get root via vmsplice
and then suddenly Bob's your uncle and the box isn't yours anymore.
...
www.trixbox.org/forums/trixbox-forums/open-discussion/rootkit-found-my-trixbox-server - 5 hours ago
Rootkit Found on my Trixbox Server | trixbox
- 3:22pmJan 26, 2009
... SIP and IAX2 exploits are from 2007, there has been an information disclosure weakness in IAX2 too, which has been announced some days ago.
...
www.trixbox.org/forums/trixbox-forums/open-discussion/rootkit-found-my-trixbox-server - 5 hours ago
Rootkit Found on my Trixbox Server | trixbox
- 3:22pmJan 26, 2009
... The vmsplice 'exploit' requires user
rights to execute code on the box, that requires access either locally or remotely.
... aka "
Skyking".
www.trixbox.org/forums/trixbox-forums/open-discussion/rootkit-found-my-trixbox-server - 5 hours ago
And then there's this result from donbusca.com:
- Rootkit Found on my Trixbox Server | trixbox
Rootkit Found on my Trixbox Server. linker3000. Posts: 106. Member Since: 2006- 06-08. Submitted by linker3000 on Mon, 01/26/2009 - 6:03am. Hi Folks, ...
www.trixbox.org/forums/trixbox-forums/open-discussion/rootkit-found-my-trixbox-server - 5 hours ago
- PBX in a Flash Forum - Search Results
A user on the trixbox forums (http://www.trixbox.org/forums/trixbox-forums/open- discussion/rootkit-found-my-trixbox-server) has found a rootkit exploit on ...
www.pbxinaflash.com/forum/search.php?do=finduser&userid=1&searchthreadid=3233 - 3 hours ago
- Recent posts | trixbox
Forum topic, Rootkit Found on my Trixbox Server, linker3000, 5, 3 min 25 sec ago . Forum topic, GUI not installed properly, talawson, 3, 3 min 48 sec ago ...
www.trixbox.org/tracker
- Linux.com :: Mystery infestation strikes Linux/Apache Web sites
We haven't found a good answer yet for disinfecting compromised servers, ..... It happened to my server. All file under /bin were replaced. .... This software asked where the trixbox is and then asked for the root password to it. .... AVG now has a free RootKit detection program for Windows but not Linux yet. ...
www.linux.com/feature/125548
- Missing Posts | trixbox
How to file a bug report Rootkit Found on my Trixbox Server ›. --. Michael Mathewson CCNA,MCSE Owner/Consultant Northeast CT IT Solutions ...
www.trixbox.org/forums/trixbox-forums/open-discussion/missing-posts - 5 hours ago
- Complete System Sweep - An all-in-one performance suite. Instantly ...
I was having alot of trouble getting a freepbx server to register with my voip provider so I switched to 3cx and haven't looked back. It was easy to. ...
complete-system-sweep.qarchive.org/
- T38 working....but not in the way I wish | trixbox
Jan 26, 2009 ... When trixbox send the re-invite with T38 is sending the IP address of the VG ... Rootkit Found on my Trixbox Server Error after upgrade › ...
www.trixbox.org/forums/trixbox-forums/open-discussion/t38-workingbut-not-way-i-wish - 3 hours ago