Blackhole
Burke, Thomas G.
tg.burke at ngc.com
Mon Apr 11 19:05:31 UTC 2005
I was reading an article where someone set up a "honeypot" to figure out how people were breaking into systems & figure out ways to stop them/track them... After an initial system install (no firewalls, no updates), the average time for someone to take over the machine was, like, less than 4 hours. (I'm thinking it was closer to 20 minutes)
An idea op how many scripts are running out there...
-Tom
-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com]On Behalf Of Chris Kenward
Sent: Monday, April 11, 2005 3:01 PM
To: 'General Red Hat Linux discussion list'
Subject: RE: Blackhole
Hi Mike
> Do you have chkrootkit 0.45 installed and have you run it lately
> just as a backup check of things?
Nope - I downloaded it for the first time today. Also had a look at
'rkhunter' which looks very impressive. Warned me that SSH allowed root
access too! ;) Now I'm trying to figure out how to change that. Had a look
in the SSH_Config file but not apparently in there.
Strange - some of the packages also come up as have different MD5 algorythms
than expected and that's sorta thrown me as well. I mean this is a cuppla
week old install of Redhat.... Unless the hacker has changed something...
Regards
Chris
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
More information about the redhat-list
mailing list