Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 24 Jul 2002 22:46:55 -0600
From:      "Grant Cooper" <grant.cooper@nucleus.com>
To:        "Michael Sharp" <freebsd@ec.rr.com>
Cc:        <freebsd-questions@FreeBSD.ORG>
Subject:   Re: Watching users
Message-ID:  <00a401c23396$537fa360$2afececd@TCOOPER>
References:  <000001c23388$a1c00500$0a01a8c0@MIKESBOX>        <002901c2338c$3709eab0$2afececd@TCOOPER> <2083.192.168.1.1.1027570023.squirrel@webmail.probsd.ws>

next in thread | previous in thread | raw e-mail | index | archive | help
True true, I will man jail. A new term for the hour :) . My point is, list
such as these are a gold mine for hackers who want to launch attacks from
compromised systems. Not so much to harm me but to harm you. :) And as a
user of Unix I feel some responsibility to try and lock down my system but
you can only learn so much in so little free time.

----- Original Message -----
From: "Michael Sharp" <freebsd@ec.rr.com>
To: <grant.cooper@nucleus.com>
Cc: <freebsd-questions@FreeBSD.ORG>
Sent: Wednesday, July 24, 2002 10:07 PM
Subject: Re: Watching users


> Grant Cooper said: Just because you see some anonymous FTP activity and
> some telnet activity dosent mean there are blackhats on this list
> targeting you.  As for secure shell, its history compared to FTP cant
> even be compared. Did you upgrade SSH when you saw the vulnerability,
> or did you a week, or two later?  Do you update ports, or patch core
> when issues arise?  My advice, man jail
> > You know what, as soon as you say your a newbie on this list your
> > bound to be attacked. After advertising my domain I was flooded with
> > anonymous ftp, telnet. This is a perfect place for BHH (Black Hat
> > Hackers) to find newbies to compromise and teach a lesson about
> > security. How fun. :)
> >
> > P.S.    hehe, I was under the impression that SSH was suppose to be a
> > secure shell. I will stick with the old FTP.
> >
> > paranoia continues.....
> >
> > ----- Original Message -----
> > From: "sagacious" <sagacious@unixhideout.com>
> > To: <freebsd-questions@freebsd.org>
> > Sent: Wednesday, July 24, 2002 9:09 PM
> > Subject: RE: Watching users
> >
> >
> >> >Hmm... So you want something that will simply just flip a switch
> >> and
> >> let >you know if/when someone logs in or out. I won't ask why. :-)
> >>
> >>
> >> My box got rooted the other day via that sshd exploit. He was
> >> defacing my webpage and causing trouble. I didn't even know it. He
> >> started hiding what he was doing so he could keep root. The funny
> >> thing is the only reason I still have a box is because I was going
> >> on vacation so for the hell of it I closed port 22 in my router. I
> >> locked him out without even knowing it. I have people that need to
> >> login now that I'm back but I need to see who and what from ips..
> >> For all I know this tool downloaded my master.passwd.
> >> Thanks for your help.
> >>
> >> sagacious (Mike)
> >> Network administrator
> >> The unixhideout network
> >> http://www.unixhideout.com
> >>
> >>
> >>
> >>
> >> To Unsubscribe: send mail to majordomo@FreeBSD.org
> >> with "unsubscribe freebsd-questions" in the body of the message
> >>
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-questions" in the body of the message
>
>
>
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?00a401c23396$537fa360$2afececd>