[100517] in RedHat Linux List
Re: Hacked! :(
daemon@ATHENA.MIT.EDU (UNIXMAN)
Sat Nov 21 13:40:37 1998
Date: Sat, 21 Nov 1998 13:48:04 -0500 (EST)
From: UNIXMAN <jzygmont@alpha.confederationc.on.ca>
To: Nikki Cook <sunny@mail.suntrix.com>
Cc: redhat-list@redhat.com
In-Reply-To: <98112107472900.20081@shell.suntrix.com>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
did you se a password for root? <G> How have they been breaking in to
your systems so easily?
On Sat, 21 Nov 1998, Nikki Cook wrote:
> <preach>
> Aren't those words just ringing in the ears of lots of folks? David, you're not
> alone.
>
> By me posting this, I'm calling attention to our company's system. I expect
> our logs to show more pokes than I've seen in a while after this hits the
> list. We don't know who's on this list or what illegal action they are willing
> to take. We don't know that when we post detail, who's out there taking
> notes. But I feel this is important to say here, on this list, where the
> RedHat community talks to each other.
>
> For those of you who haven't <for whatever reason> taken measures to use all
> that is available to protect your system, keep in mind that you have the power
> to be proactive about this issue.
>
> This is a point that may be lost on some. While you're protecting yourself,
> you're also taking steps to protect the rest of the internet community. Every
> machine that is broken into is a jump off point for an individual to locate
> other vulnerable machines. Anything from just getting a free account to out
> right criminal activity may be the focus of a break in. According to CERT, you
> may be held liable.
>
> I spend more time than I care to think about notifying admins and their uplinks
> about the information our system gleans. You'd be amazed if you knew some of
> the (supposedly trusted) places I've sent notifications that subsequently
> acknowledged a break in and verified measures they had taken to correct the
> incident. Then there's more time used to "practice what we preach" to the best
> of our ability.
>
> In my opinion, the fact that we RedHat'ers are a strong community could and
> should lend itself to being _proactive_ on security issues. Many are, but many
> aren't.
>
> I'm not just talking about you applying "here-fix-there-fix", I'm talking
> about making sure that if your machine is connected to the internet that you,
> as the administrator of it, do everything you can: use the tools available to
> log, apply the security fixes that are posted for us (on an incredibly timely
> basis), check passwd vulnerability and change them regularly, turn off
> unnecessary services, etc.... but most important, NOTIFY! If an admin doesn't
> know his/her machine has been compromised, how can he/she possibly fix it.
>
> If you're compromised, we're all vulnerable. There are many places that have
> current information on exploits, tools, and recovering information (CERT,
> FIRST, BUGTRAQ, RootShell. etc.). I suggest if you haven't taken action, that
> you begin right now, or you may be saying those famous last words too.
> </preach>
>
>
> On Fri, 20 Nov 1998, David E. Fox wrote:
> >Well, I never thought it might happen to me, but apparently over
> >the last few days my system was broken into
>
> --
> Nikki Cook
> Kerry Webb
>
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> SunTrix Com Internet Services
> Daytona Beach, Florida
> PPP and Shell Accounts (904) 258-5434
> WEB Design webdesign@mail.suntrix.com
> http://www.suntrix.com
> WEBBnet IRC Network
> irc.webbnet.org | irc.us.webbnet.org
> ftp://ftp.suntrix.com | mail.suntrix.com
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>
> --
> PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> http://www.redhat.com http://archive.redhat.com
> To unsubscribe: mail redhat-list-request@redhat.com with
> "unsubscribe" as the Subject.
>
>
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com http://archive.redhat.com
To unsubscribe: mail redhat-list-request@redhat.com with
"unsubscribe" as the Subject.
