Firewall Wizards mailing list archives
Re: Hackers left open door to my server..
From: Philip S Holt / Security Engineering <philipsholt () uswest net>
Date: Tue, 25 Jan 2000 11:20:26 -0800
James Hepworth wrote:
Someone tried to get into one of our boxes here and left a door (rcp) to one of their hacked servers. They also left quite a few files on the server, large list of servers, IP addresses, usernames and root passwords + their toolbox of toy scripts. Our system did not let them delete these files, but they thought they had. I also have the console log with them chatting to each other & the commands they issued. Is there any one place to report this type of violation or should I just clam up and clean up the box?
- CERT- "This is what they do - what they are 'on-duty' for; your needs should be sent their way ...." Philip
The connection (rcp) is still up (not for long I suspect tho), I would like to catch these buggers..... Thanks JAMES
Current thread:
- Hackers left open door to my server.. James Hepworth (Jan 24)
- Re: Hackers left open door to my server.. Neil Ratzlaff (Jan 27)
- Re: Hackers left open door to my server.. daN. (Jan 27)
- Re: Hackers left open door to my server.. Jayson Broughton (Jan 27)
- Re: Hackers left open door to my server.. Philip S Holt / Security Engineering (Jan 28)
- <Possible follow-ups>
- RE: Hackers left open door to my server.. Michael J. Daveler (Jan 25)
- RE: Hackers left open door to my server.. Don Benack (Jan 25)
- RE: Hackers left open door to my server.. Bob Eichler (Jan 26)