Security Incidents mailing list archives
Re: Redhat 6.2 Honeypot Hacked
From: Greg Estabrooks <greg () phaze org>
Date: Sun, 14 Apr 2002 23:32:44 -0300
have had many emails from Romanians offering to translate the IRC bits.
A few weeks ago we had a colocation customers machine get hacked into by a couple of romanians who then used it as a BNC bouncer for themselves and some friends. I've had an IRC client in their channel watching them for weeks and was going to notify all of the various hosts I see them join from. The BNC logs from the hacked machine show (I have an rsync of it) all of the machines they connect from, IRC servers they connected to as well as most of the IRC conversations for the month and a half they had access to the machine. -- "And he piled upon the whales white hump, the sum of all the rage and hate felt by his whole race. If his chest had been a cannon, he would have shot his heart upon it." ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Redhat 6.2 Honeypot Hacked Stephen Holcroft (Apr 10)
- Re: Redhat 6.2 Honeypot Hacked quentyn (Apr 10)
- <Possible follow-ups>
- Re: Redhat 6.2 Honeypot Hacked Stephen Holcroft (Apr 11)
- Re: Redhat 6.2 Honeypot Hacked Greg Estabrooks (Apr 15)
- Message not available
- Re: Redhat 6.2 Honeypot Hacked Greg Estabrooks (Apr 16)
- Re: Redhat 6.2 Honeypot Hacked Greg Estabrooks (Apr 15)