Re: Compromised user account, consequences?

From: Jim Richardson (warlock_at_eskimo.com)
Date: 01/17/05


Date: Sun, 16 Jan 2005 16:48:05 -0800


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, 16 Jan 2005 23:51:36 GMT,
 Gandalf Parker <gandalf@most.of.my.favorite.sites> wrote:
> Jose Maria Lopez Hernandez <jkerouac@bgsec.com> wrote in news:xpCGd.212190
> $r4.12114437@news-reader.eresmas.com:
>
>> Script-kiddies always forget to erase the .bash_history files,
>> probably the commands it's what they really did. But I wouldn't
>> assume it's the only thing they really did.
>
> What I love is when they run some rootkit which installs a sniffer to log
> everyones logins and passwords. Then they continue to login to every one of
> their other "owned" boxes, and even their home machine, giving me all of
> their passwords.
>

Now *there's* a novel use for a honeypot :)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFB6wtFd90bcYOAWPYRAkkUAKC+bdy9Olo3wKkwCfsrP8p3BI47nwCgpy0W
ox9g2YJ7oKCtGiC4bDcYiEk=
=TiON
-----END PGP SIGNATURE-----

-- 
Jim Richardson     http://www.eskimo.com/~warlock
The nice thing about Windows is - It does not just crash, it displays
 a dialog box and lets you press 'OK' first.


Relevant Pages