Security Incidents mailing list archives

Re: rooted by r0x - from address 212.177.241.127

From: hektor () RZ RWTH-AACHEN DE (Jens Hektor)
Date: Fri, 31 Mar 2000 12:04:05 -0000

Hi,

The ftp to updates.redhat.com was interesting, maybe he
was going to upgrade bind for me  ;-)


have seen this too, AFAIR the attcker was installing
some missing tcl/tk packages to get his BitchX running.

I have seen both, updating your system for his needs
or closing the vulnerability after installing his own
backdoors.

Bye, Jens

Current thread:

Re: 8 hours of pinging, (continued)
- Re: 8 hours of pinging Ed Padin (Mar 28)
  - Re: 8 hours of pinging Dragos Ruiu (Mar 29)
  - rooted by r0x - from address 212.177.241.127 Dwight Schauer (Mar 29)
    - Re: rooted by r0x - from address 212.177.241.127 Ethan King (Mar 29)
    - Re: rooted by r0x - from address 212.177.241.127 Rick Magill (Mar 30)
    - sendmail/identd attack Guido A.J. Stevens (Mar 30)
    - Re: rooted by r0x - from address 212.177.241.127 Ryan Russell (Mar 29)
    - UDP port 9200 Bobby, Paul (Mar 30)
    - Re: UDP port 9200 Robert Graham (Mar 30)
    - Re: UDP port 9200 Joey McAlerney (Mar 30)
    - Re: rooted by r0x - from address 212.177.241.127 Jens Hektor (Mar 31)
  - Re: 8 hours of pinging Robert Kulagowski (Mar 29)
- Re: 8 hours of pinging Ed Padin (Mar 29)