Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: msamba

From: noconflic <nocon () texas-shooters com>
Date: Tue, 22 Apr 2003 10:14:48 -0500

8. I haven't contacted anyone because I don't have any hard evidence of
where the intrusion came from. The cahcepu.net appears to be run by the
guy who tried to get in anyway so I didn't feel it was too worthwhile.

Once again, thanks for everyone's comments!

Cheers, Steve



  Probably get flamed for sending these but, Like others, I like to keep track of what is 
being used in the wild. Who ever is resposible, it looks like they have been pretty busy. 

   http://www.cahcepu.net/dhegleng/root-logs.txt  

  At the bottom it looks like there are other "Auto rooters" there. 
    http://www.cahcepu.net/dhegleng/mass-slamet.tar.gz
    http://www.cahcepu.net/dhegleng/massplo.tar.gz
    http://www.cahcepu.net/dhegleng/local.tar.gz

 Hope this helps. 
- nocon


----------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the 
world's premier event for IT and network security experts.  The two-day 
Training features 6 hand-on courses on May 12-13 taught by professionals.  
The two-day Briefings on May 14-15 features 24 top speakers with no vendor 
sales pitches.  Deadline for the best rates is April 25.  Register today to 
ensure your place. http://www.securityfocus.com/BlackHat-incidents 
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: