Date: Mon, 06 May 2002 21:00:02 -0400 From: Sam Drinkard <sam@wa4phy.net> To: security@freebsd.org Subject: Woot project Message-ID: <3CD72712.37CB5750@vortex.wa4phy.net>
next in thread | raw e-mail | index | archive | help
Hello list,
I just discovered I have been hacked on my main webpage from
apparently the Woot project kiddies. I assume, right after the attack,
I received an email from some outfit called alldas.org. My problem is
this. According to what I have read about the woot project, access is
gained by portscanning for the presence of SSH-1. I don't have SSH-1 or
2 active at the moment, so I'm wondering how access was gained. Have
searched all the log files for unusual activity, and nothing is apparent
so far. The message left at the bottom of my main page was:
FreeBSD vortex.wa4phy.net 4.5-STABLE sexcii... - [sYn] of woot-project
Aside from the SSH-1 vulunerabilities, is there any other known
entry points associated with this cracker group?
Thanks..
Sam
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3CD72712.37CB5750>