help analyzing an attack
Dave Cramer
davec-zxk95TxsVYDyHADnj0MGvQC/G2K4zDHf at public.gmane.org
Wed Apr 18 16:17:38 UTC 2007
Here's what I know.
Looks like weak password on ssh, then portforwarding through ssh to x
windows, probably an X bug.
Fedora Core 2 is the distribution.
Dave
On 18-Apr-07, at 11:54 AM, Jamon Camisso wrote:
> Lennart Sorensen wrote:
>> On Tue, Apr 17, 2007 at 11:34:06PM -0400, Dave Cramer wrote:
>>> Someone managed to get into one of my machines. I caught it
>>> fairly early. However I still don't know how he got root
>> Got any services running? Apache, ftp, nfs, etc? Running an up
>> to date
>> distribution or a pretty old one?
>
> ssh
> --
> The Toronto Linux Users Group. Meetings: http://gtalug.org/
> TLUG requests: Linux topics, No HTML, wrap text below 80 columns
> How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list