From owner-freebsd-questions@FreeBSD.ORG Thu Jun 19 04:52:01 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 20E8837B401 for ; Thu, 19 Jun 2003 04:52:01 -0700 (PDT) Received: from mail.darq.net (phear.darq.net [213.253.1.14]) by mx1.FreeBSD.org (Postfix) with SMTP id C0A0643FA3 for ; Thu, 19 Jun 2003 04:51:59 -0700 (PDT) (envelope-from loz@darq.net) Received: (qmail 14181 invoked by uid 1013); 19 Jun 2003 11:52:01 -0000 Date: Thu, 19 Jun 2003 12:52:01 +0100 From: Loz To: Jaime Message-ID: <20030619115201.GB27989@bosh.org> References: <20030618111702.GB26199@bosh.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4i cc: freebsd-questions@freebsd.org Subject: Re: ping: sendto: No buffer space available X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2003 11:52:01 -0000 * Jaime [2003-06-18 12:28]: > On Wednesday, June 18, 2003, at 07:17 AM, Loz wrote: > >Sounds familiar - a friend had a Linux box cracked over the weekend... > >apparently russian script kiddies using a php gallery exploit. Sorry I > >don't have any more details, but I do know that in his case at least > >nothing else was compromised. He found all the answers he needed on > >Google. > > So only his Gallery install was compomised? Or was there a more > direct effect, e.g. a backdoor or rootkit install? No other damage apart from a little trojan ping flooding the network and filling up log files. More details on the Gallery exploit at http://www.linuxadvisory.com/articles.php?articleId=35&page=3 HTH /loz.