http://pharmalert.zoomshare.com/5.shtml Pharmacy Alert Security Team: Feedback Sat, 06 Oct 2007 16:53:26 -0500 http://pharmalert.zoomshare.com/5.shtml/e5fa53d3c056485d2abadfe7b5d94d71_470802a1.writeback Sat, 06 Oct 2007 16:48:17 -0500 <a href="null" target="_blank"></a> When a machine is hijacked as a <ol><li>proxy web server<li>proxy image server<li>proxy name server</ol> there is a degree of damage performed by the hijacker. <br><br> This damage has become more severe over time. Functions removed may include<ul> <li>chattr<li>lsattr<li>wget <li>passwd<li>shutdown<li>shadowconfig<li>netstat <li>lsof<li>reboot</ul> <br><br> This information varies with time. If you are recovering a hijacked machine, please provide your experiences here for others to share. Please comment on whether the information contained here was sufficient for your purposes, and suggest any additions. http://pharmalert.zoomshare.com/5.shtml/de331203d8dc8a3dc03d0a39b1bd9c2c_44fb9666.writeback Sun, 03 Sep 2006 21:58:46 -0500 If you received a Pharmacy Alert, you can respond here with any questions and to share your experiences in removing the trojan<br><br>Thank you from the Pharmacy Alert Security Team