[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SV: [cobalt-users] Hack Attempt?

Subject: SV: [cobalt-users] Hack Attempt?
From: "Webmaster" <webmaster@xxxxxxxxxxxx>
Date: Thu Oct 19 06:30:01 2000
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> Hi I found a file called "NEW" in my home/sites/home/users/admin folder and
> on opening it I found it had been put there by an exploit and had an email
> address pointing to seKure.de
>
> On more searching I found a program that looked like had generated the "NEW"
> file and found this page:
>
> http://archives.neohapsis.com/archives/bugtraq/2000-05/0462.html
>
> Can you first explain what this program can do, has done to the RAQ and then
> tell me how to trace who logged in or "hacked" in yesterday (18th Oct) so we
> can get to the bottom of this?


last | grep 18 | grep Oct

shows who logged in yesterday (unless the logs are deleted/altered)
happy hunting :-)

---
Med venlig hilsen/Regards
ClockWork Reklamebureau A/S

Anders Flyndersøe

Follow-Ups:
- [cobalt-users] [RaQ3i] user "HOME" ?!
  - From: Theodore Jones

References:
- [cobalt-users] Hack Attempt?
  - From: Kevin Cawthorne - www.delamitri.co.uk

Prev by Date: Re: [cobalt-users] Credit card software for RaQ
Next by Date: Re: [cobalt-users] Hack Attempt?
Previous by thread: [cobalt-users] Hack Attempt?
Next by thread: [cobalt-users] [RaQ3i] user "HOME" ?!

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index