Honeypots mailing list archives

Re: what to do with a script kiddie


From: Sebastian Garcia <sgarcia () citefa gov ar>
Date: Mon, 06 Jun 2005 05:03:47 -0800


> I will share if I find something interesting, but the incident was
> nearly the same as told in the "Linux Compromise" chapter of "Know your
> Enemy" by the Honeynet Project. So I see no further sense to share that
> info. I recovered all the incident files, like the rootkit, a local
> root exploit and an IRC bouncer, but they are nothing special and easy
> to come by.

Even if you've got the same pattern, and the same data, "that" would be
very interesting for some projects. There are a lot of people out there
researching how intruders work. Not about novel script-kiddie
approaches, but about what they do. Even if they all do the same.

Hope you share it.


sebas



-- 
Sebastian Garcia
Si6 - Laboratorio de Seguridad Informatica
CITEFA
San Juan B. de La Salle 4397 
B1603ALO Villa Martelli - Pcia. Bs. As.
Tel: (54-11) 4709-8289 
e-mail: sgarcia () citefa gov ar - www.citefa.gov.ar/si6/
http://pgpkeys.mit.edu:11371/pks/lookup?op=get&search=0x4305E810

