Security Incidents mailing list archives
Incident Analysis of Compromised OpenBSD3.0 Honeypot
From: "Michael Anuzis" <michael_anuzis () hotmail com>
Date: Thu, 11 Jul 2002 12:43:29 -0400
Many scripts have been released lately targeting OpenBSD (the Apache/OpenSSH ones to be more specific). I was curious to find who would actually attack an OpenBSD system and what types of rootkits would be used if any since OpenBSD has gone so long without being an easy target to hack, not many RKs are available with OpenBSD as the target. I set up a simple honeynet to try to find some of these results which was hacked by two people in under a day.
The whitepaper is available here: http://www.lucidic.net/whitepapers/manuzis-7-5-2002-1.html
Comments/feedback are much appreciated! Michael Anuzis, CCNA Network Security Consultant http://www.anuzisnetworking.com http://www.lucidic.net - The Distributed Honeypot Project _________________________________________________________________MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service.For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Incident Analysis of Compromised OpenBSD3.0 Honeypot Michael Anuzis (Jul 11)