A hacker broke into one of my systems using a consultants weak
password and installed a root kit. Fortunately they did not
do much damage before being caught. I do not think they had
yet hacked the root account, so the damage was minimum.
For those interested, I saved a copy of all of the installation
files (much of it includes source code) that he was using.
They are at:
http://INET-consulting.com/ROOT-INFO.tar.bz2 (1,573,286 bytes)
Some files did not have source code, they are compiled programs.
(So you might NOT want to run time!) Also is a file called WHAT-HE-DID.txt
that is a copy of the .bash_history file he had left behind.
My guess is that he did not have that much experience as he
failed to remove log and history files.
--
Doug Royer | http://INET-Consulting.com
-------------------------------|-----------------------------
Doug(_at_)Royer(_dot_)com | Office: (208)612-4638
http://Royer.com/People/Doug | Fax: (866)594-8574
| Cell: (208)520-4044
We Do Standards - You Need Standards
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf