[99184] in RedHat Linux List
RE: break-in attempt
daemon@ATHENA.MIT.EDU (Ed Lazor)
Thu Nov 12 17:40:32 1998
From: "Ed Lazor" <elazor@hcs.state.or.us>
To: <redhat-list@redhat.com>
Date: Thu, 12 Nov 1998 14:38:03 -0000
In-Reply-To: <Pine.LNX.4.05.9811121649431.1999-100000@dweezil.dyn.ml.org>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
I think you probably want to contact CERT (www.cert.org).
-----Original Message-----
From: Greg Fall [mailto:gmf@dweezil.dyn.ml.org]
Sent: Thursday, November 12, 1998 10:02 PM
To: redhat-list@redhat.com
Subject: break-in attempt
Where should I send logs &c. corresponding to a break-in attempt my
machine suffered this morning (I mean is there an organization that
would want to see the files)? The logs clearly indicate scripted
efforts to get through potential leaks in various daemons that were
running at the time. I noticed the break-in attempt while it was
happening, and quickly disconnected my computer from the network. I do
not believe the attempt was a success, but I'm not sure.
I assembled all the available information in /var/log from the 23
minutes or so during which the attempt was made and put it in
chronological order. Anybody wanna volunteer to look over the resulting
112 kB collection and give me their impression? Thanks,
G.F.
--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--
___
/. \ Gregory Fall Phone: 734-913-4662
\/ / University of Michigan Fax: 734-763-7130
\ \ 2455 Hayward Street email: gmfall@engin.umich.edu
__/_/ Ann Arbor, MI 48109 gmf@dweezil.dyn.ml.org
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com http://archive.redhat.com
To unsubscribe: mail redhat-list-request@redhat.com with
"unsubscribe" as the Subject.
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com http://archive.redhat.com
To unsubscribe: mail redhat-list-request@redhat.com with
"unsubscribe" as the Subject.
