Re: adore / beware hack

From: Luke Vogel (luke@bell-bird.com.au)
Date: 02/21/02


From: Luke Vogel <luke@bell-bird.com.au>
Date: Thu, 21 Feb 2002 17:38:57 +1000

Donald Parker wrote:

[snip]
> Anyway, I've been running with it "in production mode" for a couple of days
> and it seems one important thing I forgot to do was set up the hosts.deny
> file. I believe this was the hole that allowed my system to be cracked, but
> I'm still curious about how the crack happened and what the intentions were.
[snip]

I'm curious as to how you determined that your box was cracked in the
first place? The use of the adore kernel module should have hidden
nearly everything the cracker did if he was any good.

The cracker may well have gotten in on one of your inetd services, ...
did you check it for added back doors ... seems that you are probably
not running a strong firewall either??

-- 
Regards
Luke
------
Q:  What does FAQ stand for?
A:  We are Frequently Asked this Question, and we have no idea.
------
C.O.L.S FAQ - http://www.linuxsecurity.com/docs/colsfaq.html
Note: Remove NOSPAM from my return address if necessary
------


