[99173] in RedHat Linux List
break-in attempt
daemon@ATHENA.MIT.EDU (Greg Fall)
Thu Nov 12 17:02:56 1998
Date: Thu, 12 Nov 1998 17:02:18 -0500 (EST)
From: Greg Fall <gmf@dweezil.dyn.ml.org>
To: redhat-list@redhat.com
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
Where should I send logs &c. corresponding to a break-in attempt my
machine suffered this morning (I mean is there an organization that
would want to see the files)? The logs clearly indicate scripted
efforts to get through potential leaks in various daemons that were
running at the time. I noticed the break-in attempt while it was
happening, and quickly disconnected my computer from the network. I do
not believe the attempt was a success, but I'm not sure.
I assembled all the available information in /var/log from the 23
minutes or so during which the attempt was made and put it in
chronological order. Anybody wanna volunteer to look over the resulting
112 kB collection and give me their impression? Thanks,
G.F.
--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--
___
/. \ Gregory Fall Phone: 734-913-4662
\/ / University of Michigan Fax: 734-763-7130
\ \ 2455 Hayward Street email: gmfall@engin.umich.edu
__/_/ Ann Arbor, MI 48109 gmf@dweezil.dyn.ml.org
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com http://archive.redhat.com
To unsubscribe: mail redhat-list-request@redhat.com with
"unsubscribe" as the Subject.
