LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] Sinking feeling - in.sysched

[ILUG] Sinking feeling - in.sysched

Joshua R. Beining jbeining at eline.com
Fri Sep 1 02:33:55 IST 2000 

I'll write something up in the end once I find out how the hacker got in.
That is what is bothering me the most.

-Joshua

-----Original Message-----
From: ilug-admin at linux.ie [mailto:ilug-admin at linux.ie]On Behalf Of Paul
Jakma
Sent: Thursday, August 31, 2000 6:17 PM
To: Joshua R. Beining
Cc: gary at netsoc.tcd.ie; ilug at linux.ie
Subject: RE: [ILUG] Sinking feeling - in.sysched


On Thu, 31 Aug 2000, Joshua R. Beining wrote:

> Thanks Gary.  I actually already found that article.  It is what pointed
me
> in the hacked system direction.  After about 1 hour of looking around, the
> system has definitely been hacked (damn!).  in.sysched is just one of many
> tools that were installed.  And I believe that it is some type of DDOS
tool
> (unless someone knows otherwise).  The others include a trojaned ps, sshd
> and login, a prog to clean any reference to an ip/user in all the
/var/log/*
> files, a sniffer, and a nice little shell script that installs them all.
> Argh! And I was hoping to leave work early today.  LOL.  If anyone has any
> comments, I'd love to hear them.  I'll let you all know what I find.
>

a little writeup would be cool.

the state of the machine before. (ie what level of security was
expected from the box).
how they got in.
what they did.
how you discovered it.
what you did
hindsight is 20/20 - what could have been done.
etc...

might be something for the linux.ie website?

> -Joshua

regards,
--
Paul Jakma	paul at clubi.ie
PGP5 key: http://www.clubi.ie/jakma/publickey.txt
-------------------------------------------
Fortune:
Now and then an innocent man is sent to the legislature.


--
Irish Linux Users' Group: ilug at linux.ie
http://www.linux.ie/mailman/listinfo/ilug for (un)subscription information.
List maintainer: listmaster at linux.ie

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell