There's the ticket.... he exploited the login/sharedlib security hole.
# NOW MY QUESTION IS HOW DID HE GET THE PASSWORD? Maybe with my_lib* ?
# May someone have a look at this files, please and mail me his comment?
Yep. And no, I don't need a copy of the files, someone from
sampo.karelia.ru attempted the exact same thing on two of my
systems. Luckily, I have kept everything upto date and he failed in
his infiltration.
My suggestion to you is to go through and read the CERT advers. (and
past postings to this group) and upgrade your system.
#
#
# And beware from logins of these hosts:
#
# sampo.karelia.ru
# kftt-runnet.karelia.ru
# www.ci.houston.tx.us
# ashton.lib.dixie.edu
# ferret-world.csc.peachnet.edu
# gw.kppublish.ru
N!
------------------------------------------------------------------------------
Nicholas J. Leon nicholas@binary9.net
"Elegance through Simplicity" http://www.binary9.net/nicholas
SF/F Reading Suggestion #1: Apprentice Assassin by Robin Hobbs