[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] A hacker at work

Subject: Re: [cobalt-security] A hacker at work
From: Gordon Mcdowall <gordon.mcdowall@xxxxxxxxxxx>
Date: Mon, 18 Jun 2001 08:29:30 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

"Steve Werby" <steve-lists@xxxxxxxxxxxx> wrote:
>I'm sure you already know, but in case you haven't considered it there's a
>strong likelihood that the machine he FTPed from was one he rooted or is on
>a shared machine with lots of other innocent users.  So consider that by
>taking action on the machine you may be affecting a person just as innocent
>as your customers who were hacked.  There's no way to know for sure, but
>some cursory research might give you an idea.  And in case you have
>considered this and have done some research, know that when I write a
>message it's for the benefit of the whole list in addition to the person
I'm
>replying to.

I had no intention of doing anything nasty to the machine which this guys
ftp account was on, we went through the proper channels, got in touch with
the hosting company and had his ftp account closed down.

Also for the groups information the machines which were attacked had been
installed with all relavent os and security patches/upgrades

Prev by Date: Re: [cobalt-security] xferlog & xferlog.1 = 0 bytes?
Next by Date: Re: [cobalt-security] Re: RaQ4-All-Security Release 1.0.2-5-9769
Previous by thread: Re: [cobalt-security] A hacker at work
Next by thread: [cobalt-security] Strange behaviour

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index