attack 2
jludwig
wralphie at comcast.net
Tue May 10 23:22:10 UTC 2005
On Tuesday 10 May 2005 06:16 pm, roland brouwers wrote:
> Hello everyone,
>
> Panic...
>
> I noticed accepted passwords for different users, such as root, myself
> and another one, coming from outside:::ffff:213.219.168.50
>
> How is that possible?
> Can I detect somehow what he/she did?
>
> In the mean time I changed passwords.
>
> Roland Brouwers
> Email roland at cat.be
>
You had better check for rootkits and viruses also.
>From http://www.ripe.net/whois
% Information related to '213.219.128.0/18AS9031'
route: 213.219.128.0/18
descr: EDPnet
origin: AS9031
mnt-by: EDP-NET
source: RIPE
Sorry to flame you, but.
You should try to find out what the what the cracker wanted and their intent
in getting into your system.
>From what I read three passwords??? They must be weak passwords!
My passwords are always a minimum of 8 charactors S.A. wsx43210z.
Using words and phrases is VERY BAD! (yes yelling)!!
How is your firewall how tight is it, or, do you have a firewall?
--
John H Ludwig
Common sense is so rare, why do they call it common!!!
Manual customization of this file is not recommended,
BUT WILL BE DONE!!!
More information about the fedora-list
mailing list