[lug] i got hacked
D. Stimits
stimits at idcomm.com
Thu Apr 18 16:40:07 MDT 2002
j davis wrote:
>
> i have a box at a place i do contract work about 2 days a month.
> today i could not ssh to it. so iwent on site and discoverd i got
> hacked...like a dummy i didnt have tcp wrappers on or a firewall . i think
> they exploited wu-ftpd
> ..i use redhat 7.1 with wu-ftpd 2.6.1-20...i havent got around to upgrading
> yet.
> anyway here is what i found in /etc/rc3.d/S52remote
Sorry to keep posting in fragments, I wish I could find more English
language data on this. Another question is if you have a tool on your
system, pwck, or grpck? These are apparently for security purposes,
intended to scan password files for inconsistencies, but it has an
exploit that makes it useful as an attack tool as well:
http://sinaia.globtel.ro/news/modules.php?op=modload&name=Forum&file=viewtopic&topic=24&forum=29&0
D. Stimits, stimits at idcomm.com
More information about the LUG
mailing list