Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 25 Jul 2002 00:07:03 -0400 (EDT)
From:      "Michael Sharp" <freebsd@ec.rr.com>
To:        <grant.cooper@nucleus.com>
Cc:        <freebsd-questions@FreeBSD.ORG>
Subject:   Re: Watching users
Message-ID:  <2083.192.168.1.1.1027570023.squirrel@webmail.probsd.ws>
In-Reply-To: <002901c2338c$3709eab0$2afececd@TCOOPER>
References:  <000001c23388$a1c00500$0a01a8c0@MIKESBOX> <002901c2338c$3709eab0$2afececd@TCOOPER>

next in thread | previous in thread | raw e-mail | index | archive | help
Grant Cooper said: Just because you see some anonymous FTP activity and
some telnet activity dosent mean there are blackhats on this list
targeting you.  As for secure shell, its history compared to FTP cant
even be compared. Did you upgrade SSH when you saw the vulnerability,
or did you a week, or two later?  Do you update ports, or patch core
when issues arise?  My advice, man jail
> You know what, as soon as you say your a newbie on this list your
> bound to be attacked. After advertising my domain I was flooded with
> anonymous ftp, telnet. This is a perfect place for BHH (Black Hat
> Hackers) to find newbies to compromise and teach a lesson about
> security. How fun. :)
>
> P.S.    hehe, I was under the impression that SSH was suppose to be a
> secure shell. I will stick with the old FTP.
>
> paranoia continues.....
>
> ----- Original Message -----
> From: "sagacious" <sagacious@unixhideout.com>
> To: <freebsd-questions@freebsd.org>
> Sent: Wednesday, July 24, 2002 9:09 PM
> Subject: RE: Watching users
>
>
>> >Hmm... So you want something that will simply just flip a switch
>> and
>> let >you know if/when someone logs in or out. I won't ask why. :-)
>>
>>
>> My box got rooted the other day via that sshd exploit. He was
>> defacing my webpage and causing trouble. I didn't even know it. He
>> started hiding what he was doing so he could keep root. The funny
>> thing is the only reason I still have a box is because I was going
>> on vacation so for the hell of it I closed port 22 in my router. I
>> locked him out without even knowing it. I have people that need to
>> login now that I'm back but I need to see who and what from ips..
>> For all I know this tool downloaded my master.passwd.
>> Thanks for your help.
>>
>> sagacious (Mike)
>> Network administrator
>> The unixhideout network
>> http://www.unixhideout.com
>>
>>
>>
>>
>> To Unsubscribe: send mail to majordomo@FreeBSD.org
>> with "unsubscribe freebsd-questions" in the body of the message
>>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2083.192.168.1.1.1027570023.squirrel>