Re: Big Website Hack Documented

From: 2Host.com - Robert (admin@-NOSPAM-2host.com)
Date: 03/25/03


From: "2Host.com - Robert" <admin@-NOSPAM-2host.com>
Date: Tue, 25 Mar 2003 08:53:34 -0800

Colnel Panic wrote:
>
> > How long do you think you'll last this time?
>
> Who knows. I'm trying a newer, different version.
>
> > Have you figured out who, how & when?
>
> No clues so far. I think it started March 15th at 17:10 and no idea how.
>
> > Your SSH/SSL and Apache are so old that either one could have been the
> > weak spot.
>
> Very possible and rectified.
>
> I am most curious who would do this. It looks like a guy in a black hat
> behind a computer did it but I don't know.

Those logs posted show your eth device is in promiscuous mode, which
means it's running a sniffer and the system is likely rooted beyond safe
recovery.

-- 
Regards,
Robert McGregor - Email: admin@(remove)2host.com. Phone: 530-941-0690
Server admin, support, programming for shared & dedicated web servers
Secure, reliable hosting you expect and deserve! http://www.2host.com
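
The check described in the reply above, as an added example that is not part of the original post: it scans syslog text for the Linux kernel's "entered/left promiscuous mode" messages and reports interfaces that entered and never left, and it reads the live IFF_PROMISC bit from sysfs. The log lines, hostnames and function names are constructed for illustration; packet-capture tools and bridges also set this flag legitimately, and on a rooted host both sources can be tampered with.

```python
import os
import re

IFF_PROMISC = 0x100  # interface flag bit from <linux/if.h>

# Classic kernel message: "device eth0 entered promiscuous mode"
PROMISC_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s.*\bdevice (?P<dev>\S+) "
    r"(?P<what>entered|left) promiscuous mode")

# Constructed sample syslog lines (not taken from the thread).
SAMPLE_LOG = """\
Jan  1 00:00:01 host kernel: device eth0 entered promiscuous mode
Jan  1 00:00:09 host kernel: device eth0 left promiscuous mode
Jan  1 00:05:00 host sshd[412]: Accepted password for admin
Jan  1 00:07:30 host kernel: device eth0 entered promiscuous mode
Jan  1 00:08:00 host kernel: device eth1 entered promiscuous mode
Jan  1 00:08:45 host kernel: device eth1 left promiscuous mode
"""

def still_promiscuous(log_text):
    """Return {iface: timestamp} for interfaces that entered promiscuous
    mode and have no later 'left' message in the log."""
    open_since = {}
    for line in log_text.splitlines():
        m = PROMISC_RE.search(line)
        if not m:
            continue
        if m.group("what") == "entered":
            open_since.setdefault(m.group("dev"), m.group("ts"))
        else:
            open_since.pop(m.group("dev"), None)
    return open_since

def flags_promiscuous(flags_hex):
    """Decode the hex value of /sys/class/net/<iface>/flags."""
    return bool(int(flags_hex.strip(), 16) & IFF_PROMISC)

def live_promiscuous(sysfs="/sys/class/net"):
    """List interfaces whose live flags carry IFF_PROMISC (Linux only)."""
    found = []
    if os.path.isdir(sysfs):
        for iface in sorted(os.listdir(sysfs)):
            try:
                with open(os.path.join(sysfs, iface, "flags")) as fh:
                    if flags_promiscuous(fh.read()):
                        found.append(iface)
            except (OSError, ValueError):
                continue  # not an interface entry, or unreadable
    return found

if __name__ == "__main__":
    print("log:", still_promiscuous(SAMPLE_LOG))
    print("live:", live_promiscuous())
```

An interface reported here that no administrator put into capture mode is worth treating as a sign of a sniffer; run the log check against copies of the logs from trusted media rather than on the suspect host.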