[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: brute force ssh attack



On Wed, Apr 27, 2005 at 03:20:08PM +0200, Håkan Persson wrote:
> >Were there any interesting files in the users' home directories? (Look for
> >hidden files too, of course -- maybe a hidden directory named ... or
> >something.) Also check in /tmp and /var. And any luck with the
> >.bash_history? (For both the users and for root....)
> I have installed and use this stuff, http://www.rootkit.nl/, but it has
> never found any vulnerabilities (which probably does mean anything...)

Clearly the people who broke into this system found something. I'm
interested to learn _what_.


-- 
Matthew Miller           mattdm mattdm org        <http://www.mattdm.org/>
Boston University Linux      ------>                <http://linux.bu.edu/>
Current office temperature: 80 degrees Fahrenheit.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]