Author: Kevin Brown Date: Subject: hacker tool: pan2?
>>>what is pan2? >>>We just got hacked, and looking in the root's .bash_history, they
>>>downloaded pan2 from a .ro server, and it's still running. I was just
>>>wondering what that is..i can't seem to get a clear answer from google.
>>
>>Looks like it is an NNTP program (namely a client for news servers).
>
> Exactly! so why would they then wget pan2 from a .ro server?
> They also installed dsniff.
sniff the network for passwords and post them to an NNTP group?