| Author | Thread |
|
|
11/11/2006 07:38:28 PM · #1 |
not a problem for two years & almost as i watched this morning the server had all it's logs blown away by Romanian scriptkiddy
aaghh hate that that happens //
still finding pieces of effluent (no - haven't lost anything but time & piece of mind )
running around changing passwords & whatnot .. aaghh...
(stopped the hack after about 15min after seeing the streaming logs truncated, shut off incoming ports yada yada .. )
bugs me that i don't know what caused the break in !(!*_)!#~~~
|
|
|
|
11/11/2006 08:04:59 PM · #2 |
|
|
|
11/11/2006 08:33:47 PM · #3 |
Those Romanian Script Kitties are evil, pure evil!
|
|
|
|
11/11/2006 08:39:38 PM · #4 |
Originally posted by routerguy666:
Open ports! |
22 & 25 & 80 were the only ones open to that box
so .. ssh overflow bug ? possibly..
|
|
|
|
11/11/2006 08:40:28 PM · #5 |
Originally posted by Strikeslip:
Those Romanian Script Kitties are evil, pure evil!
|
is that what they look like !! // gimm'me a shotgun ! |
|
|
|
11/11/2006 09:05:56 PM · #6 |
Originally posted by ralph:
Originally posted by routerguy666:
Open ports! |
22 & 25 & 80 were the only ones open to that box
so .. ssh overflow bug ? possibly.. |
I would order it as 80 being most likely followed by 25 then 22. What os? BS script hacks generally target known exploits, so (telling you what you probably aalready know) I'd be looking for apache and sendmail patches if those are what you are using. |
|
|
|
11/11/2006 11:03:24 PM · #7 |
Originally posted by routerguy666:
I would order it as 80 being most likely followed by 25 then 22. What os? BS script hacks generally target known exploits, so (telling you what you probably aalready know) I'd be looking for apache and sendmail patches if those are what you are using. |
yes / already know ..
this is an older redhat 9 box ..
just gives me a reason to update the whole dmn thing.. they used SucKit once in / seen a number of exploited boxes over the last 10 yrs so it is easy enough to clean & lock down / just (*&)(*&!! annoying
whats interesting this box has been beaten heavily on over the last 2 yrs (since its last update) but this is the first rootkit on it ..
dmn i wish i had the specifics .. .. guess it's time to make that log server ..
rainy day tomorrow - all challenges are in .. so i might as well latest & greatest ..
|
|
|
|
11/11/2006 11:34:03 PM · #8 |
| Haha, my plan for tomorrow is to upgrade my bsd box to 6.1. Ahh, geek life. |
|
|
|
11/13/2006 10:45:47 PM · #9 |
So how did your rebuild go?
I forgot how boring it is to sit there and watch firefox compile for 45 minutes...
edit: I'll use that as my excuse for not upgrading in a couple years. Went from 4.11 to 6.1.
Message edited by author 2006-11-13 22:46:11. |
|
|
|
11/21/2006 07:50:35 PM · #10 |
Originally posted by routerguy666:
So how did your rebuild go?
I forgot how boring it is to sit there and watch firefox compile for 45 minutes...
edit: I'll use that as my excuse for not upgrading in a couple years. Went from 4.11 to 6.1. |
the replacement motherboard (older box but not as old as the one rooted )
is acting odd (lots of crc errors in the ide channels / across multiple drives that i know are good )
so go to a fall back (even older box ) but it doesn't like the newish 80 gig drive i was going to attach ..
aaghhh..
tried out the BSD & it went fine but wrong drive ...
& just today i 'found' a unused MB at work (older equipm. but still viable but to slow for engineering work) better than all the above cruft though ;)
so that will be this coming weekends work .. (if i'm allowed)
yayaya .. typical crap ,.. ;)
|
|
Home -
Challenges -
Community -
League -
Photos -
Cameras -
Lenses -
Learn -
Help -
Terms of Use -
Privacy -
Top ^
DPChallenge, and website content and design, Copyright © 2001-2025 Challenging Technologies, LLC.
All digital photo copyrights belong to the photographers and may not be used without permission.
Current Server Time: 08/27/2025 10:57:07 PM EDT.
