[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Hacked RaQ4 - findings

Subject: Re: [cobalt-security] Hacked RaQ4 - findings
From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
Date: Wed, 18 Apr 2001 23:18:46 +0200
Organization: Forumworld.com
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Lawrence,

> We found the same hack in a RAQ3 in February, along with a few other
> problems too.
>
> See http://groups.yahoo.com/group/raq/message/8554b for details

Thanks for the pointers. Yes, I also noticed the la.pid in certain places, 
but the inetd.conf on the RaQ4 had not been tampered with. That's usually the 
first place where I look.

I'm not sure about the rc.sysinit. Might as well be that I overlooked the 
cronlogd part of this beast.

-- 


Mit freundlichen Grüßen / Best regards

Michael Stauber

References:
- Re: [cobalt-security] Hacked RaQ4 - findings
  - From: Michael Stauber
- Re: [cobalt-security] Hacked RaQ4 - findings
  - From: Lawrence Frewin of Accommodation.com

Prev by Date: Re: [cobalt-security] Hacked RaQ4 - findings
Next by Date: [cobalt-security] FTP exploits
Previous by thread: Re: [cobalt-security] Hacked RaQ4 - findings
Next by thread: RE: [cobalt-security] Possible problem?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index