[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Bind Hack

Subject: Re: [cobalt-users] Bind Hack
From: "Carrie Bartkowiak" <ravencarrie@xxxxxxxx>
Date: Fri Feb 9 14:04:54 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> We got an e-mail today from our CoLo (UK2.net) that our RaQ3 had been
hacked. The port 15000
> would be open as a result of this hack. It further says that aprox. 20
files had been changed and
> we were urgently requested to apply an .pkg to repair those files.

> I couldn't find a foreign thing...

Thomas,
Keep in mind that lots of servers on UK2.net were compromised - probably
including UK2.net's servers themselves. If you haven't found anything
suspicious on your machine, tread carefully.
This could be a hacked email urging you to take action on your machine that
would allow someone monitoring it to hop in and take over.

Leave no room for doubt. CALL UK2.net and make sure *they* sent you that
email, and then discuss what you've found (nothing) and how you should
proceed regarding updates, if at all.
It could be that you're safe somehow, but if you apply the packages that the
email recommends, you could be opening yourself up to a hole someone has
found in those packages.

See what I'm saying?

Carrie - whom you guys have made incredibly paranoid over the last two days!
(I'm wanting to shut down everything but port 80! *L*)

Follow-Ups:
- Re: [cobalt-users] Bind Hack
  - From: flash22

References:
- [cobalt-users] Bind Hack
  - From: RaQ3

Prev by Date: [cobalt-users] Re: speaking of spam...
Next by Date: Re: [cobalt-users] SSH Exploit?
Previous by thread: [cobalt-users] Bind Hack
Next by thread: Re: [cobalt-users] Bind Hack

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index