[ale] Hacked
Jeremy T. Bouse
undrgrid at UnderGrid.net
Tue Dec 8 02:41:52 EST 1998
-----BEGIN PGP SIGNED MESSAGE-----
On Mon, 7 Dec 1998, Matthew Brown wrote:
> Date: Mon, 7 Dec 1998 10:22:44 -0500
> From: Matthew Brown <matthew.brown at cordata.net>
> To: ALE <ale at cc.gatech.edu>
> Subject: [ale] Hacked
>
> One of my machines just got hacked over the last 7 days, an di am trying to
> clean-up and figure out what happened.
>
> 1. Does anyone know what the 'wheel' group is for? Might this have been
> installed as an initial system user?
>
This group is used by several system tasks... ftp used to on
Slackware distros... I know debian has moved to a ftp group...
> 2. Can anyone tell me how I might've been hacked through IMAPD?
>
IMAP has been widely known to have exploits left and right... I
actually have a process that firewalls you if you even attempt to connect
to our mail server on the IMAP ports...
Respectfully,
Jeremy T. Bouse
Sr. System Administrator
,-----------------------------------------------------------------------------,
| Jeremy T. Bouse - SouthNet TeleComm Services, Inc. - www.STSI.net |
| PGP ID/Fingerprint: 1024/E83D9AE5/4ACC03F098D78198 19D0593E50E597E9 |
| Public PGP key available by sending email with 'send pgpkey' in subject |
| undrgrid at UnderGrid.net - NIC Whois: JB5713 - sysadmin at STSI.net |
| The world is coming to an end ... SAVE YOUR BUFFERS!!! |
`-----------------------------------------------------------------------------'
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: noconv
iQCVAwUBNmzYRuak13roPZrlAQEJpQP/YxTSI6AqfxJdAAWhCH0SgFPvmn8SXw4h
SO9u+XNayLjiIbh1YKvHMFKdZUabrJEfJZlWbPeQzF/kxhxZ3MMfpUeU3cssFxY+
eqXdF2mbdco995g6UrQbay8VecaNfvn6RUI11M85TCaModWzTFNEv5qzCo53FPJx
C+4gq+9/Klg=
=Vsa3
-----END PGP SIGNATURE-----
More information about the Ale
mailing list