[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] RAQ's in UK hacked

Subject: [cobalt-users] RAQ's in UK hacked
From: "Steve Bassi" <steve@xxxxxxxxx>
Date: Wed Feb 7 17:58:02 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

Hi

Many of our RAQ's seem to have been hacked despite having installed the
recent updates.

Anyone on this list been hacked ?

This is a recent post to our UK2 group (below) - anyone on the list with
other suggestions o can help would be much appreciated

Rgds

Steve Bassi

=======================
Yes I do mean machines have been compromised.

To check to see if you have been the target this is what I suggest.

check in the /lib/security/.config directory (If you have one)
on mine theres a rootkit in there.

check file mfs (sniffer log, passwords etc.)
you will also prob see a scan.log file and heres a fill listing

ava cleaner  lpsched  nfs-utils-0.1.9.1-1.i386.rpm
rcp       ssh    sz backup  crypt    mfs
patcher   scan.log  sshd           utime
bin     instmod  sh  wget


Web : http://firstwebspace.com
My Online Communications
ICQ#:5647095  - AIM:fwsweb - Yahoo:stevebassi - MSM:stevebassi@xxxxxxxxxxx -
AOL:sacbassi

Follow-Ups:
- Re: [cobalt-users] RAQ's in UK hacked
  - From: flash22

Prev by Date: [cobalt-users] FW: [ISN] [BUGTRAQ] Bug in Bind 9.1.0? (fwd)
Next by Date: Re: [cobalt-users] Spam List
Previous by thread: [cobalt-users] Re: [cobalt-security] FW: [ISN] [BUGTRAQ] Bug in Bind 9.1.0? (fwd)
Next by thread: Re: [cobalt-users] RAQ's in UK hacked

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index