Re: [Offtopic] Russian Hacker

Nicholas J. Leon (lists-nicholas@binary9.net)
Fri, 3 Jan 1997 07:51:31 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Olaf Titz: "Re: super.c - kerneld race condition in 2.0.27"
Previous message: Gerard Roudier: "Re: Serious ext2fs problem"
In reply to: Mike Jagdis: "Re: Problem with personality.h"
Next in thread: Nicolas St-Pierre: "Re: [Offtopic] Russian Hacker"

Harald Hoyer was overheard whispering ...
# At Dec 30 we had a visit of someone from sampo.karelia.ru.
# We don't know where he got the passwd of one of our users,
# but ... shit happens.
#
# The first thing he/she/it did was downloading two files named:
# my_lib and my_library.so (attached).

There's the ticket.... he exploited the login/sharedlib security hole.

# NOW MY QUESTION IS HOW DID HE GET THE PASSWORD? Maybe with my_lib* ?
# May someone have a look at this files, please and mail me his comment?

Yep. And no, I don't need a copy of the files, someone from
sampo.karelia.ru attempted the exact same thing on two of my
systems. Luckily, I have kept everything upto date and he failed in
his infiltration.

My suggestion to you is to go through and read the CERT advers. (and
past postings to this group) and upgrade your system.

#
#
# And beware from logins of these hosts:
#
# sampo.karelia.ru
# kftt-runnet.karelia.ru
# www.ci.houston.tx.us
# ashton.lib.dixie.edu
# ferret-world.csc.peachnet.edu
# gw.kppublish.ru

N!
------------------------------------------------------------------------------
Nicholas J. Leon nicholas@binary9.net
"Elegance through Simplicity" http://www.binary9.net/nicholas

SF/F Reading Suggestion #1: Apprentice Assassin by Robin Hobbs

Next message: Olaf Titz: "Re: super.c - kerneld race condition in 2.0.27"
Previous message: Gerard Roudier: "Re: Serious ext2fs problem"
In reply to: Mike Jagdis: "Re: Problem with personality.h"
Next in thread: Nicolas St-Pierre: "Re: [Offtopic] Russian Hacker"