[cobalt-users] Related to Perfect.br group hacking

[Swapana Ghosh <swapana_ghosh@xxxxxxxxx>]

 Hi

       Two of the Cobalt raq4r servers those we maintain are recently hacked by
the  *Perfect.br*.. Here i found some information about them with Google
search...

_________________________________________________________________________
Hacked Sites:
blessindia.com - Christian Missionary Website
http://www.webmerchantindia.com/

Here is an interview with them:
http://www.dominasecurity.com/hackerz/perfectbr.htm

They seem not be politcally motivated but seems to be more a of challenge in a
hit & 
run attack.

Here is a link to their possible technique:
http://lists.debian.org/debian-security/2003/debian-security-200305/msg00340.html
_________________________________________________________________________

As per their interview , they use /ssh/ But here these two servers' /ssh/ have
been pathed with the latest patch recently.  Yes the /telnet/ port is open for
these two servers though(client's request) ... We have stopped the  /telnet/
now...Can anyone suggest what more we can do for stopping these kind of
hacking?   Moreover do you think that they have done through the telnet port or
they have taken any OS security hole? Though OS for these servers have been
upgraded recently....

Thanks...

__________________________________
Do you Yahoo!?
Protect your identity with Yahoo! Mail AddressGuard
http://antispam.yahoo.com/whatsnewfree