[21010] in North American Network Operators' Group
Re: Rootshell pages hacked
daemon@ATHENA.MIT.EDU (bryan s. blank)
Sat Oct 31 16:56:31 1998
From: "bryan s. blank" <bryan@supernet.net>
To: mikef@boris.talentsoft.com
Date: Sat, 31 Oct 1998 16:41:09 -0500 (EST)
Cc: adam@flounder.net, nanog@merit.edu
|o| It is not a fucking problem in SSH! Jesus christ, people do not listen.
try a better choice of words, these show little respect for your
audience.
|o| If it had anything to do with ssh, heres what happened. (speculation) A
|o| trusted host was compromised that Kit Knox or another rootshell staff
|o| member used, ssh was trojaned and passwords were snagged, and the intruder
|o| simply walked right in through the front door. Nothing sophisticated,
|o| nothing fancy, no ssh remote exploits.
anything is possible. i don't blame anyone for taking interest
in possible vunerabilities in their systems. just because you
and i don't know of a remote root exploit for a current version
of ssh doesn't mean one doesn't exist. i've seen them in older
versions, and would be stupid not to have some worry of the same
in current versions.
|o|----------------------------------------------------------------------|o|
|o| bryan s. blank (203)-351-1178 voice |o|
|o| senior systems analyst (203)-351-1186 fax |o|
|o| discovernet, incorporated (203)-979-5126 emerg |o|
