Re: Debian Stable server hacked

To: debian-security@lists.debian.org
Subject: Re: Debian Stable server hacked
From: Wolfgang Fischer <Wolfgang_.fischer@freenet.de>
Date: Thu, 07 Aug 2003 22:55:58 +0200
Message-id: <[🔎] pan.2003.08.07.20.55.57.929286@freenet.de>
References: <hxt1.RO.23@gated-at.bofh.it>

Hi,
maybe a legitimate user account combined with a local root exploit have
been used to crack the server. Does this server has any legitimate user
accounts? Are you sure you trust this users? Are you sure they (or you)
don't write their passwords on a piece of paper?

Who has local access to the server (unprotected LILO/Grub, booting from
CDROM (KNOPPIX), mount the hd on another system)? Even if it might be
manipulated, you should check the uptime of the system.

Reply to:

debian-security@lists.debian.org
Wolfgang Fischer (on-list)
Wolfgang Fischer (off-list)

Prev by Date: Re: Debian Stable server hacked
Next by Date: Curriculum
Previous by thread: Re: Debian Stable server hacked
Next by thread: Curriculum
Index(es):
- Date
- Thread