Security Incidents mailing list archives
Re: cron exploit?
From: Tim Greer <chatmaster () charter net>
Date: 30 Sep 2003 11:07:49 -0700
On Mon, 2003-09-29 at 15:34, Jeremy Hanmer wrote:
Right now, I'm still curious to find out why they were poking around cron stuff so much if it wasn't related to their entry, but I'm generally in the dark as to exactly what happened since they obviously cleaned up most of the logs.
Likely they were trying to set it so cron would run the log cleanup routines etc., after they logged out. Otherwise, it's hard to say why. -- Tim Greer <chatmaster () charter net> --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- cron exploit? Jeremy Hanmer (Sep 29)
- Re: cron exploit? Pavel Kankovsky (Sep 29)
- Re: cron exploit? Matt Zimmerman (Sep 29)
- Re: cron exploit? Jeremy Hanmer (Sep 29)
- Re: cron exploit? Barry Fitzgerald (Sep 29)
- Re: cron exploit? Jeremy Hanmer (Sep 29)
- Re: cron exploit? Matt Zimmerman (Sep 29)
- Re: cron exploit? Jeremiah Cornelius (Sep 30)
- Re: cron exploit? Tim Greer (Sep 30)
- Re: cron exploit? Jeremy Hanmer (Sep 29)
- Re: cron exploit? Matt Zimmerman (Sep 29)