From owner-freebsd-questions Wed Jul 24 21:52:49 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A54C437B400 for ; Wed, 24 Jul 2002 21:52:42 -0700 (PDT) Received: from labs.unixhideout.com (dsl-65-187-193-189.telocity.com [65.187.193.189]) by mx1.FreeBSD.org (Postfix) with ESMTP id C1C4E43E77 for ; Wed, 24 Jul 2002 21:52:40 -0700 (PDT) (envelope-from sagacious@unixhideout.com) Received: from MIKESBOX ([192.168.1.10]) by labs.unixhideout.com (8.12.5/8.12.3) with ESMTP id g6P4qcHO001323 for ; Thu, 25 Jul 2002 00:52:38 -0400 (EDT) (envelope-from sagacious@unixhideout.com) From: "sagacious" To: Subject: RE: Watching users Date: Thu, 25 Jul 2002 00:52:36 -0400 Message-ID: <000001c23397$18db78f0$0a01a8c0@MIKESBOX> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 In-Reply-To: <00a401c23396$537fa360$2afececd@TCOOPER> Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Your all using the word hacker in improper terms. Your giving these childish teenage fools, who have way too much time on their hands with mommies new Compaq, and absolutely no respect for other peoples property way to much credit. Whatever happened to "If its not yours don't touch it?" Because your traveling through a wire means its _ok_? Anyhow the word you are looking for is cracker. And im not so sure the "real" blackhat crackers if you will, are wasting their time on this list chock full of newbies who have nothing they want.. As far as sshd security goes I continuously see people still running telnet, so if that doesn't scare you I don't know what will. We all secure to the best of our ability and knowledge, and learn as much as we can. And a lot of the time, while these fools poke at my /our systems, and cause me to have to learn new things while all they can do is crack? My resume gets thicker, so I really cant complain. I lucked out on this compromise. I lost nothing, yet gained everything. ;) sagacious (Mike) Network administrator The unixhideout network http://www.unixhideout.com -----Original Message----- From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG] On Behalf Of Grant Cooper Sent: Thursday, July 25, 2002 12:47 AM To: Michael Sharp Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Watching users True true, I will man jail. A new term for the hour :) . My point is, list such as these are a gold mine for hackers who want to launch attacks from compromised systems. Not so much to harm me but to harm you. :) And as a user of Unix I feel some responsibility to try and lock down my system but you can only learn so much in so little free time. ----- Original Message ----- From: "Michael Sharp" To: Cc: Sent: Wednesday, July 24, 2002 10:07 PM Subject: Re: Watching users > Grant Cooper said: Just because you see some anonymous FTP activity and > some telnet activity dosent mean there are blackhats on this list > targeting you. As for secure shell, its history compared to FTP cant > even be compared. Did you upgrade SSH when you saw the vulnerability, > or did you a week, or two later? Do you update ports, or patch core > when issues arise? My advice, man jail > > You know what, as soon as you say your a newbie on this list your > > bound to be attacked. After advertising my domain I was flooded with > > anonymous ftp, telnet. This is a perfect place for BHH (Black Hat > > Hackers) to find newbies to compromise and teach a lesson about > > security. How fun. :) > > > > P.S. hehe, I was under the impression that SSH was suppose to be a > > secure shell. I will stick with the old FTP. > > > > paranoia continues..... > > > > ----- Original Message ----- > > From: "sagacious" > > To: > > Sent: Wednesday, July 24, 2002 9:09 PM > > Subject: RE: Watching users > > > > > >> >Hmm... So you want something that will simply just flip a switch > >> and > >> let >you know if/when someone logs in or out. I won't ask why. :-) > >> > >> > >> My box got rooted the other day via that sshd exploit. He was > >> defacing my webpage and causing trouble. I didn't even know it. He > >> started hiding what he was doing so he could keep root. The funny > >> thing is the only reason I still have a box is because I was going > >> on vacation so for the hell of it I closed port 22 in my router. I > >> locked him out without even knowing it. I have people that need to > >> login now that I'm back but I need to see who and what from ips.. > >> For all I know this tool downloaded my master.passwd. > >> Thanks for your help. > >> > >> sagacious (Mike) > >> Network administrator > >> The unixhideout network > >> http://www.unixhideout.com > >> > >> > >> > >> > >> To Unsubscribe: send mail to majordomo@FreeBSD.org > >> with "unsubscribe freebsd-questions" in the body of the message > >> > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message