brute force ssh attack
Matthew Miller
mattdm at mattdm.org
Wed Apr 27 13:29:06 UTC 2005
On Wed, Apr 27, 2005 at 03:20:08PM +0200, Håkan Persson wrote:
> >Were there any interesting files in the users' home directories? (Look for
> >hidden files too, of course -- maybe a hidden directory named ... or
> >something.) Also check in /tmp and /var. And any luck with the
> >.bash_history? (For both the users and for root....)
> I have installed and use this stuff, http://www.rootkit.nl/, but it has
> never found any vulnerabilities (which probably does mean anything...)
Clearly the people who broke into this system found something. I'm
interested to learn _what_.
--
Matthew Miller mattdm at mattdm.org <http://www.mattdm.org/>
Boston University Linux ------> <http://linux.bu.edu/>
Current office temperature: 80 degrees Fahrenheit.
More information about the fedora-list
mailing list