Update and Report on Fedora August 2008 Intrusion

Arthur Pemberton pemboa at gmail.com
Mon Mar 30 16:02:12 UTC 2009


On Mon, Mar 30, 2009 at 10:43 AM, Joe Smith <jes at martnet.com> wrote:
> Jonathan Dieter wrote:
>>
>> ...
>> Thank you for the update.  I, for one, really appreciate hearing the
>> whole story.
>
> Agreed--well done.
>
> Any ideas what cron job it was that failed, and why, that first aroused
> suspicion? I'd like to know better what kind of things to watch for.
>
> I can't help thinking that a less clumsy intruder could have done a lot more
> damage. Hopefully the additional precautions will make it that much harder
> to be "less clumsy".


I suspect this kind of attack is difficult to stop. The attacker was,
to the system, supposed to be there. Running operations he was
technically supposed to have access to.

Frankly I think it's quite good that they found out that early.


-- 
Fedora 9 : sulphur is good for the skin
( www.pembo13.com )




More information about the fedora-list mailing list