Potkali jste nekdo hack kakasniff?
Tibor Pittich
future na phuture.sk
Pondělí Říjen 26 23:03:06 CET 1998
On Mon, 26 Oct 1998, Martin Bily wrote:
> Z tehle adresy mam v logu povicero zaznamu (pres celou obrazovku)
> s pokusy o connect na imapd a telnetd, bylo to 24.10. okolo 22:30.
>
pritelovi som pomahal dostat do povodneho stavu masinu a z logov sa dalo
zistit toto:
Oct 24 21:53:47 main tcpd[12211]: warning: can't get client address: Socket
operation on non-socket
Oct 24 21:53:47 main tcpd[12211]: connect from unknown
Oct 24 21:53:47 main tcpd[12211]: warning: can't get client address: Socket
operation on non-socket
upozornujem, ze /var/log/messages bolo "precistene".
zistil som naledovne:
masina bola hacknuta cez dieru v named, nainstalovany bol rootkit (ls -la
/dev/pty?), "patchnute" takmer vsetky "zaujimave" binarky...
btw. backdoor skuste hladat v /etc/inetd.conf ;)
s pozdravom
Tibor Pittich
Email : Tibor.Pittich na phuture.sk
IRC : IRCnet (server irc.wu-wien.ac.at)
Nick : FuturE
HomePage : http://www.phuture.sk/future
--------------------------> píšte mi v ISO-8859-2 <-------------------------
/topic #linux
what is root-access, and can I install it on my isp? is there an rpm for it?
Další informace o konferenci Linux