[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: See what a weak password will get ya?

Hi,

I haven't caught the start of this thread, but how can you be sure your
core utilities have not been altered?

Do have a record of how they looked before the crack (a backup, MD5 sums
etc, AIDE,Tripwire database)?. IMO, you would really need to examine
those binaries on another box against a known equivalent clean copy or
backup/AIDE/Tripwire database before really being sure.


Awais


On Fri, 2004-07-23 at 12:23, Paul Stolp wrote:
> * Monique Y. Mudama <spam@bounceswoosh.org> [2004-07-23 00:04]:
> 
> > I'd add the suggestion to not use obvious usernames like "guest" ... 
> 
> agree -- I will prob. replace this account name
> 
> > 
> > Btw, are you 100% sure they never managed to root you and replace some
> > of your files?
> 
> I wasn't 100% sure I wasn't cracked when I installed, but I am sure that
> my core utilities are the same as before this attempt. This and clean
> chkrootkit are enough for me, as long as I continue to watch what's
> going on.
> 
> Thanks everyone, mostly I was just venting, but hopefully this will help
> prompt anyone who knows of a potential system weakness.
> 
> Paul
> -- 
>
Reply to: