brute force ssh attack

Matthew Miller mattdm at mattdm.org
Wed Apr 27 13:29:06 UTC 2005


On Wed, Apr 27, 2005 at 03:20:08PM +0200, Håkan Persson wrote:
> >Were there any interesting files in the users' home directories? (Look for
> >hidden files too, of course -- maybe a hidden directory named ... or
> >something.) Also check in /tmp and /var. And any luck with the
> >.bash_history? (For both the users and for root....)
> I have installed and use this stuff, http://www.rootkit.nl/, but it has
> never found any vulnerabilities (which probably does mean anything...)

Clearly the people who broke into this system found something. I'm
interested to learn _what_.


-- 
Matthew Miller           mattdm at mattdm.org        <http://www.mattdm.org/>
Boston University Linux      ------>                <http://linux.bu.edu/>
Current office temperature: 80 degrees Fahrenheit.




More information about the fedora-list mailing list