Subject: Re: unix worm via ssh1
To: Hubert Feyrer <hubert.feyrer@informatik.fh-regensburg.de>
From: Ronald Cotoni <setient@vlaxus.yi.org>
List: tech-security
Date: 11/16/2001 13:53:36
For everyone's information, I have heard in various places that there is a
0-day sshd exploit going around that supposedly affects every version of
ssh. He might be using that to do whatever. It has been floating around for
a month, but I am sure you probably all already know about it.

On Fri, 16 Nov 2001, Hubert Feyrer wrote:

>
> Of course geared for Linux, but maybe of general interest:
>
> 	http://www.vnunet.com/News/1126812
>
> 	     `` He explained that he had discovered a
>                 compromised Red Hat box that was being used as a
>                 central host for other 'zombie' machines, although
>                 it is not yet clear how the central server
>                 communicates with the zombies.
>
>                 Apparently the attacker manually installed an IRC
>                 server, which was communicating with more than
>                 120 other host machines.
>
>                 The communication channel was called 'kujikiri', a
>                 method of esoteric teaching used by the ninja, and
>                 the channel key was tagged 'ninehandscutting', an
>                 ancient ninjitsu hand movement.
>
>                 Apparently all hosts communicating with the
>                 central server were logging on using identification
>                 names prefixed with 'ninja'.
>
>                 According to experts, the Trojan program installed
>                 in the attack does not match any signatures
>                 identified so far and, if it is new, Salusky has
>                 already christened it 'Limpninja'. ''
>
>
>  - Hubert
>
> --
> Want to get a clue on IPv6 but don't know where to start? Try this:
> * Basics -> http://www.onlamp.com/pub/a/onlamp/2001/05/24/ipv6_tutorial.html
> * Setup  -> http://www.onlamp.com/pub/a/onlamp/2001/06/01/ipv6_tutorial.html
> Of course with your #1 IPv6 ready operating system -> http://www.NetBSD.org/
>
>