Hacker

[Radomir Slezak - MHBH a.s.]

Zajimalo by ma jak tohle kdo chape ? V systemu jsem skutecne nasel dva
soubory, obsah jednoho jsem sem daval, ale neni odpoved.
Diky

R. Slezak

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

To the systems administrator
It has come to my attention that your computer system is one of a number
that
may be being used maliciously without your knowledge. I'm a user of the irc
network irc.draconic.com and there is a connection from your box to this
network in the channel #kaiten.
The following systems have been affected.
[01:25:43] --- #kaiten ~Yqaj mail.mhbh.cz aquila.draconic.com AaC`Cu H :0
tlax
[01:25:43] --- #kaiten ~bmer dns.gf.su.ac.yu aquila.draconic.com Ljoin H :0
tcouvvod
[01:25:43] --- #kaiten ~fkuxhalm 207.102.158.10 iolite.draconic.com zgineg H
:1 JoVcNbS
[01:25:43] --- #kaiten ~cgokh ginger.stat.math.keio.ac.jp
aquila.draconic.com
h_euc H :0 _mut`
[01:25:43] --- #kaiten ~Unypeu medzine.chungbuk.ac.kr aquila.draconic.com
accou H :0 acces
[01:25:43] --- #kaiten ~bgopce 211.109.219.91 aquila.draconic.com tpo_vin` H
:0 ag`eh
[01:25:43] --- #kaiten ~bqomm 210.115.127.1 iolite.draconic.com abduc H :1
Uzuxu`an
[01:25:43] --- #kaiten ~hxiph 210.179.97.1 aquila.draconic.com qbop H :0
m_um
[01:25:43] --- #kaiten ~abbrev host-63-108-129-237.api-digital.com
aquila.draconic.com tjejg H :0 MiCkTw
[01:25:44] --- #kaiten ~wnevc 211.109.219.91 aquila.draconic.com Hboviqiq H
:0 ijpigko
[01:25:44] --- #kaiten ~vjut_a 210.78.22.102 aquila.draconic.com yiikv H :0
ir`ij
[01:25:44] --- #kaiten ~ruoo 210.99.216.193 aquila.draconic.com jgog H :0
Tanox
[01:25:44] --- #kaiten ~AxAaZ 210.72.245.1 aquila.draconic.com zlugi H :0
nrisaa
[01:25:44] --- * :End of /WHO list.

I have checked all these systems and they all are running proftpd-1.2.0pre1
Which has a remotely exploitable bug detailed here.
http://rootshell.com/archive-j457nxiqi3gq59dv/199902/ftpd.txt.html
I would urge you as a part of the internet community to patch the security
hole as soon as you are able.
Authenticity of my identify and this message can be verified by using my
public key http://snowy.dnsalias.com/snowy.gpg
Thank you
Matthew Dunn
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: Sanity is the hallmark of the slow witted (www.gnupg.org, pgp.com)

iEYEARECAAYFAjrTM/8ACgkQLFBqI0haV/H5GQCfR5+U9lIwA869FmTO8eWMZx3S
fPUAn0UWHor8vgXBE9jOP0pm6wH33oXf
=lUnO
- -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: Sanity is the hallmark of the slow witted (www.gnupg.org, pgp.com)

iEYEARECAAYFAjrTNZYACgkQLFBqI0haV/EyPACgg8381AY7ITs8I3j/hYjvjWa8
Hx0An1w4HKgzSeiXz17Wnk4pVAnMIwoF
=GfBo
-----END PGP SIGNATURE-----


---
Odchozí zpráva neobsahuje viry.
Zkontrolováno antivirovým systémem AVG (http://www.grisoft.cz).
Verze: 6.0.244 / Virová báze: 119 - datum vydání: 2.4.2001