[99381] in RedHat Linux List
Re: break-in attempt
daemon@ATHENA.MIT.EDU (Gordon Messmer)
Sat Nov 14 00:28:01 1998
Date: Fri, 13 Nov 1998 21:24:17 -0800
From: Gordon Messmer <yinyang@eburg.com>
To: redhat-list@redhat.com
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
Greg~
Sure, I'm trying to keep up on security issues to better protect my
business and our clients. I'd love to see your logs, so I can keep
abreast of what methods are currently being used (abused).
Thanks
MSG
Greg Fall wrote:
>
> Where should I send logs &c. corresponding to a break-in attempt my
> machine suffered this morning (I mean is there an organization that
> would want to see the files)? The logs clearly indicate scripted
> efforts to get through potential leaks in various daemons that were
> running at the time. I noticed the break-in attempt while it was
> happening, and quickly disconnected my computer from the network. I do
> not believe the attempt was a success, but I'm not sure.
>
> I assembled all the available information in /var/log from the 23
> minutes or so during which the attempt was made and put it in
> chronological order. Anybody wanna volunteer to look over the resulting
> 112 kB collection and give me their impression? Thanks,
>
> G.F.
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com http://archive.redhat.com
To unsubscribe: mail redhat-list-request@redhat.com with
"unsubscribe" as the Subject.
