[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Hacked RaQ4 - findings
- Subject: Re: [cobalt-security] Hacked RaQ4 - findings
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Wed, 18 Apr 2001 23:18:46 +0200
- Organization: Forumworld.com
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Lawrence,
> We found the same hack in a RAQ3 in February, along with a few other
> problems too.
>
> See http://groups.yahoo.com/group/raq/message/8554b for details
Thanks for the pointers. Yes, I also noticed the la.pid in certain places,
but the inetd.conf on the RaQ4 had not been tampered with. That's usually the
first place where I look.
I'm not sure about the rc.sysinit. Might as well be that I overlooked the
cronlogd part of this beast.
--
Mit freundlichen Grüßen / Best regards
Michael Stauber