Re: TRG vger.timpanogas.org hacked

Alan Cox (alan@lxorguk.ukuu.org.uk)
Tue, 5 Jun 2001 08:05:34 +0100 (BST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: George Bonser: "2.4.6-pre1 unresolved symbols"
Previous message: Alan Cox: "Re: [PATCH] fs/devfs/base.c"
Next in thread: Daniel Roesen: "Re: TRG vger.timpanogas.org hacked"
Reply: Daniel Roesen: "Re: TRG vger.timpanogas.org hacked"
Reply: Michael H. Warfield: "Re: TRG vger.timpanogas.org hacked"
Reply: Jeff V. Merkey: "Re: TRG vger.timpanogas.org hacked"

> is curious as to how these folks did this. They exploited BIND 8.2.3
> to get in and logs indicated that someone was using a "back door" in

Bind runs as root.

> We are unable to determine just how they got in exactly, but they
> kept trying and created an oops in the affected code which allowed
> the attack to proceed.

Are you sure they didnt in fact simply screw up live patching the kernel to
cover their traces

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: George Bonser: "2.4.6-pre1 unresolved symbols"
Previous message: Alan Cox: "Re: [PATCH] fs/devfs/base.c"
Next in thread: Daniel Roesen: "Re: TRG vger.timpanogas.org hacked"
Reply: Daniel Roesen: "Re: TRG vger.timpanogas.org hacked"
Reply: Michael H. Warfield: "Re: TRG vger.timpanogas.org hacked"
Reply: Jeff V. Merkey: "Re: TRG vger.timpanogas.org hacked"