[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] I've been hacked

Subject: RE: [cobalt-users] I've been hacked
From: "Wood, Bradley" <Bradley.Wood@xxxxxxxxxxxxxxxxxxxx>
Date: Fri Jun 21 04:19:03 2002
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

run a portscan on the box and then start from there.

password changing might be totally irellevant if there's a buffer overflow
being exploited.

brad

> -----Original Message-----
> From: Linuxman [mailto:linuxman@xxxxxxxxxxxxxxxx]
> Sent: 21 June 2002 11:48
> To: cobalt-users@xxxxxxxxxxxxxxx
> Subject: [cobalt-users] I've been hacked
> 
> 
> Someone got into my Raq4 last night and dropped a new home 
> page with one
> graphic file onto 2 sites. I has OS2, the latest PHP, webmail 
> and webalized
> from pkgmastrer.com running on the server, but that was about 
> it. To combat
> the problem, I changed the servers passwords right away 
> before I put in the
> latest patches, and I was hacked again before the latest 
> patches went in,
> including the Security Bundle 2.0.1. I changed the passwords again.
> 
> I am not seeing where the person got in. Any thoughts?
> 
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> To Subscribe or Unsubscribe, please go to:
> http://list.cobalt.com/mailman/listinfo/cobalt-users
> 


Our network may monitor outgoing and incoming e-mail messages for security and customer service purposes,
but this e-mail is confidential. Please notify the sender immediately if you receive it in error, and then delete it. Thank you.

Prev by Date: RE: [cobalt-users] I've been hacked
Next by Date: Re: [cobalt-users] dhcp release on qube3?
Previous by thread: Re: [cobalt-users] I've been hacked
Next by thread: RE: [cobalt-users] I've been hacked

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index