[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-developers] My RaQ's been Hacked

Subject: Re: [cobalt-developers] My RaQ's been Hacked
From: jale@xxxxxxxxxx
Date: Sun Mar 25 05:59:19 2001
List-id: Discussion Forum for developers on Cobalt Networks products <cobalt-developers.list.cobalt.com>

Cobalt support was very good about going into my machine for me and seeing
if they could figure out who hacked me and took me out of service a short
time back; right when the new security features were released. Call them
and have them take a look; they are 24x7 support so they are their now. If
you get Andrew, he is AWESOME!!

They told me they have been working on prosecuting hackers when identifiable.

Danny

At 12:18 PM 3/25/2001 -0700, you wrote:
>I have a RaQ3 used only for development but connected to the Internet
>via a static IP and running some legitimate Virtual sites for testing
>purposes.
>
>This morning at 10:52 UK time, my RaQ3 was hacked and EVERY file
>named INDEX.HTML  was replaced with a bogus page from the
>	" 1i0n Crew  and powered by H.U.C".
>Many other key files were 'touched' (including passwd, shadow, etc).
>I'll have to reload from recovery to guarantee a clean machine.  The
>machine was essentially trashed.
>
>My questions:
>	Where  in the debris am I likely to find a clue to the IP of the purpetrator?
>	What specific RaQ3 compatible software would have likely prevented
>	this?

References:
- [cobalt-developers] My RaQ's been Hacked
  - From: Edmund J. Mildenberger

Prev by Date: [cobalt-developers] SMTP Relaying on Cobalt
Next by Date: Re: [cobalt-developers] SMTP Relaying on Cobalt
Previous by thread: Re: [cobalt-developers] My RaQ's been Hacked - Thanks!
Next by thread: [cobalt-developers] Users email alias'

Sun Cobalt Developers Message Index

Sun Cobalt Developers Thread Index