[8336] in bugtraq
rootshell hacked via ssh-1.2.26
daemon@ATHENA.MIT.EDU (Felix von Leitner)
Wed Oct 28 19:06:18 1998
Mail-Followup-To: bugtraq@netspace.org
Date: Thu, 29 Oct 1998 00:14:58 +0100
Reply-To: Felix von Leitner <leitner@MATH.FU-BERLIN.DE>
From: Felix von Leitner <leitner@MATH.FU-BERLIN.DE>
To: BUGTRAQ@NETSPACE.ORG
On the rootshell home page, there is this notice:
Rootshell Defaced
10/28/98 8:44AM PDT On Wed Oct 28th at 5:12AM PST the main Rootshell
page was defaced by a group of crackers. Entry to the machine was made
via SSH (secure shell) which is an encrypted interface to the machine
at 04:57AM PST this morning. Rootshell was first informed of this
incident at 6:00 AM PST and the site was immediately brought offline.
The site was back up and operational by 8:00AM PST.
They also mention that they used ssh-1.2.26 (the current version) and
their port 22 is not blocked (presumably firewalled away).
Does anyone have any further info? This should probably leave a _lot_ of
us quite restless tonight...
Felix
