[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Hacked?

Subject: [cobalt-security] Hacked?
From: Alan Ng <alan@xxxxxxxxxxxxxxxxx>
Date: Wed, 25 Sep 2002 18:43:49 -0700
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi All,

This is my first post so sorry for the newbie listing... I have a Raq4rwith updated patches


My question is, how can I keep this from happening in the future...

Sep 25 13:17:43 ns1 PAM_pwdb[12063]: authentication failure; (uid=0) ->elite for ssh serviceSep 25 13:17:44 ns1 sshd[12063]: log: Rsa authentication refused forelite: no /home/elite/.ssh directorySep 25 13:17:46 ns1 PAM_pwdb[12063]: (ssh) session opened for user eliteby (uid=0)Sep 25 13:17:46 ns1 sshd[12063]: log: Password authentication for eliteaccepted.Sep 25 13:17:46 ns1 sshd[12063]: log: ROOT LOGIN as 'elite' frommump.bestiary.com

	Sep 25 15:02:21 ns1 sshd[12063]: log: Closing connection to 204.225.173.21
	Sep 25 15:02:21 ns1 PAM_pwdb[12063]: (ssh) session closed for user elite

I've deleted the user to start off...

Any help appreciated and thanks in advance.

Alan

Follow-Ups:
- Re: [cobalt-security] Hacked?
  - From: David Smulsky

Prev by Date: [cobalt-security] Qube3-All-Security-4.0.1-15787
Next by Date: Re: [cobalt-security] Hacked?
Previous by thread: [cobalt-security] Hacked?
Next by thread: Re: [cobalt-security] Hacked?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index