Check your system to find the following features. Once discovered, it indicates that your system has been intruded by some people mentioned in this article.
1. The directory/dev/../sun2 exists.
2. The directory/var/spool/. recent exists.
3. Solaris installation has/bin/pico
4./bin/pico installed on Solaris
5. You can log on as the root user. The password is ABcDeFgHiJ.
6. Some logs or user files contain re or r accounts
If your system is running Solaris operating system, you can use the following command MD5 Signature with Sun online MD5 fingerprint database for comparative http://sunsolve.Sun.COM/pub-cgi/show.pl? Target = content/content7
**********************************
/Bin/ls
/Bin/login
/Bin/find
/Bin/ps
/Sbin/netstat
**********************************
If any inconsistency is found, these binaries programs are probably Backdoor programs. Trust copy should be used to restore the system. Once these features are discovered, your system is likely to be intruded. Once intrusion occurs, you should consider reinstalling the system and installing the latest patch. For more information, see: html "> http://www.cert.org/nav/recovering.html.