Educause Security Discussion mailing list archives
Re: Ongoing Port 6000 attacks, Windows Xserver Compromises, keyloggers
From: Chris Edwards <chris () ENG GLA AC UK>
Date: Fri, 26 Jan 2007 12:52:39 +0000
| Briefly, the attacker connects to an X server and - provided the X | server has been improperly configured - they are able to grab a screen | dump, keystrokes, and anything else in the X session. Hi, Out of interest, do those sites experiencing such attacks have incoming X blocked at the border ? In other words, are the attackers connecting to unsecured X servers direct from off-campus (easy), or, from machines on-campus already compromised by some other means (hopefully not so easy). Thanks Chris -- Chris Edwards, Glasgow University Computing Service
Current thread:
- Re: Ongoing Port 6000 attacks, Windows Xserver Compromises, keyloggers Roger Safian (Jan 24)
- <Possible follow-ups>
- Re: Ongoing Port 6000 attacks, Windows Xserver Compromises, keyloggers Brian Smith-Sweeney (Jan 24)
- Re: Ongoing Port 6000 attacks, Windows Xserver Compromises, keyloggers James J. Barlow (Jan 24)
- Re: Ongoing Port 6000 attacks, Windows Xserver Compromises, keyloggers Wes Young (Jan 24)
- Re: Ongoing Port 6000 attacks, Windows Xserver Compromises, keyloggers Warren Petrofsky (Jan 24)
- Re: Ongoing Port 6000 attacks, Windows Xserver Compromises, keyloggers Valdis Kletnieks (Jan 25)
- Re: Ongoing Port 6000 attacks, Windows Xserver Compromises, keyloggers Chris Edwards (Jan 26)