Security Incidents mailing list archives
Re: Redhat 6.2 Honeypot Hacked
From: Greg Estabrooks <greg () phaze org>
Date: Mon, 15 Apr 2002 23:08:21 -0300
I don't want to start this off on as something negative but here goes, I do not believe in honeypots at all . You run default install insecure
First off maybe before you go jumping to conclusions you should actually READ WHAT I POSTED. "A few weeks ago we had a colocation customers machine get hacked into" Is the start of the very first sentence. I do not, have not, and will not run a Honeypot. The box I got the logs from was a hacked into customers machine, not some honeypot. And the logs where logs that the lame crackers software produced which I found afterward, not something I had been watching and allowing to happen. The main reason it was discovered was because the people were annoying others on IRC enough to get the box flooded a few times which drew our attention, I say again this was a colocation customers box, not "ours".
I hope you post the logs online somewhere , I bet those admins would be interested to know their networks were comprised after you knew they
I was offering the logs to any interested as they seemed to be possibly the same people who had broken into the machine of the person I was replying too, please read before you shoot off your mouth/fingers regarding liabilities. -- "And he piled upon the whales white hump, the sum of all the rage and hate felt by his whole race. If his chest had been a cannon, he would have shot his heart upon it." ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Redhat 6.2 Honeypot Hacked Stephen Holcroft (Apr 10)
- Re: Redhat 6.2 Honeypot Hacked quentyn (Apr 10)
- <Possible follow-ups>
- Re: Redhat 6.2 Honeypot Hacked Stephen Holcroft (Apr 11)
- Re: Redhat 6.2 Honeypot Hacked Greg Estabrooks (Apr 15)
- Message not available
- Re: Redhat 6.2 Honeypot Hacked Greg Estabrooks (Apr 16)
- Re: Redhat 6.2 Honeypot Hacked Greg Estabrooks (Apr 15)