[olug] arp poisioning

Jason Troy jason.troy at gmail.com
Wed Jul 7 02:48:20 UTC 2010


Jesse,

Be careful about asking how to kill or wipe things from a system, last time
it digressed and people were suggesting thermite. :)
First isolate the pattern or cause, then worry about the fix.
Obviously once you find the issue, you will want to remove it.
That brings me to the next question, who is your dns provider? There are
still some who have not updated dns and will start misbehaving until
rebooted or the cache is cleared.
Take a look for more info on that here https://www.grc.com/dns/dns.htm  The
site may also provide some insight on what services or ports you have
exposed.
HTH  --JT

On Jul 6, 2010 6:49 PM, "jesse moseman" <jmoseman01 at gmail.com> wrote:

how would you get rid of DNS or /etc/hosts altering trojans.  I'm pretty
sure i checked the host file and nothing fishy was there.


On Tue, Jul 6, 2010 at 2:57 PM, Phil Brutsche <phil at brutsche.us> wrote:

> It's also not unheard of...



More information about the OLUG mailing list