Date: Wed, 24 Jul 2002 22:46:55 -0600 From: "Grant Cooper" <grant.cooper@nucleus.com> To: "Michael Sharp" <freebsd@ec.rr.com> Cc: <freebsd-questions@FreeBSD.ORG> Subject: Re: Watching users Message-ID: <00a401c23396$537fa360$2afececd@TCOOPER> References: <000001c23388$a1c00500$0a01a8c0@MIKESBOX> <002901c2338c$3709eab0$2afececd@TCOOPER> <2083.192.168.1.1.1027570023.squirrel@webmail.probsd.ws>
next in thread | previous in thread | raw e-mail | index | archive | help
True true, I will man jail. A new term for the hour :) . My point is, list such as these are a gold mine for hackers who want to launch attacks from compromised systems. Not so much to harm me but to harm you. :) And as a user of Unix I feel some responsibility to try and lock down my system but you can only learn so much in so little free time. ----- Original Message ----- From: "Michael Sharp" <freebsd@ec.rr.com> To: <grant.cooper@nucleus.com> Cc: <freebsd-questions@FreeBSD.ORG> Sent: Wednesday, July 24, 2002 10:07 PM Subject: Re: Watching users > Grant Cooper said: Just because you see some anonymous FTP activity and > some telnet activity dosent mean there are blackhats on this list > targeting you. As for secure shell, its history compared to FTP cant > even be compared. Did you upgrade SSH when you saw the vulnerability, > or did you a week, or two later? Do you update ports, or patch core > when issues arise? My advice, man jail > > You know what, as soon as you say your a newbie on this list your > > bound to be attacked. After advertising my domain I was flooded with > > anonymous ftp, telnet. This is a perfect place for BHH (Black Hat > > Hackers) to find newbies to compromise and teach a lesson about > > security. How fun. :) > > > > P.S. hehe, I was under the impression that SSH was suppose to be a > > secure shell. I will stick with the old FTP. > > > > paranoia continues..... > > > > ----- Original Message ----- > > From: "sagacious" <sagacious@unixhideout.com> > > To: <freebsd-questions@freebsd.org> > > Sent: Wednesday, July 24, 2002 9:09 PM > > Subject: RE: Watching users > > > > > >> >Hmm... So you want something that will simply just flip a switch > >> and > >> let >you know if/when someone logs in or out. I won't ask why. :-) > >> > >> > >> My box got rooted the other day via that sshd exploit. He was > >> defacing my webpage and causing trouble. I didn't even know it. He > >> started hiding what he was doing so he could keep root. The funny > >> thing is the only reason I still have a box is because I was going > >> on vacation so for the hell of it I closed port 22 in my router. I > >> locked him out without even knowing it. I have people that need to > >> login now that I'm back but I need to see who and what from ips.. > >> For all I know this tool downloaded my master.passwd. > >> Thanks for your help. > >> > >> sagacious (Mike) > >> Network administrator > >> The unixhideout network > >> http://www.unixhideout.com > >> > >> > >> > >> > >> To Unsubscribe: send mail to majordomo@FreeBSD.org > >> with "unsubscribe freebsd-questions" in the body of the message > >> > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00a401c23396$537fa360$2afececd>