Date: Sun, 23 Jun 1996 18:02:18 -0700 From: Amancio Hasty <hasty@rah.star-gate.com> To: "Jordan K. Hubbard" <jkh@time.cdrom.com> Cc: hackers@FreeBSD.org, security@FreeBSD.org, ache@FreeBSD.org Subject: Re: I need help on this one - please help me track this guy down! Message-ID: <199606240102.SAA01723@rah.star-gate.com> In-Reply-To: Your message of "Sun, 23 Jun 1996 17:25:35 PDT." <7979.835575935@time.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Try to use ssh so that your password and session are encrypted . This will make further "crack" attempts a bit more difficult. Amancio >From The Desk Of "Jordan K. Hubbard" : > jkh p2 a235.pu.ru Sun04PM - -bash (bash) > > This was "me" on wcarchive.cdrom.com today - when I caught the guy I > starred myself out of the password file and `watch -W'd' him. He > wasn't doing anything special, but when I sent him a "gotcha!" he > attempted to remove my home directory (nothing in it, no loss) and > logged out. That proves this guy to not only be a cracker but a > malicious one at that and, were he to be caught and relieved of his > testicles by the russian mafia, I would be the first to ask for them > in a jar as a momento! :-) > > I'm not one to generally get too upset about this kind of thing, but > breaking into our flagship machine as me is going just a bit too far > (as was trying to nuke my files when caught - I'd have forgiven him > but for that, now I want his balls). > > A traceroute from wcarchive doesn't show me much, but if anybody can > gleen some userful information out of it I'd appreciate it. > > Thanks! > > 5 Helsinki2.FI.EU.net (134.222.228.45) 555.687 ms 518.720 ms 507.602 ms > 6 StPetersburg.RU.EU.net (134.222.23.2) 549.172 ms 592.407 ms 630.928 ms > 7 spb-2-gw.spb.su (193.124.83.66) 547.190 ms 573.518 ms 569.656 ms > 8 hqlgu-LE.pu.ru (193.124.255.134) 519.318 ms 657.805 ms 651.496 ms > 9 slip-0.pu.ru (193.124.85.1) 840.489 ms 671.729 ms 650.750 ms > 10 nat.pu.ru (193.124.85.134) 638.649 ms 653.720 ms 720.170 ms > 11 gw.pu.ru (193.124.85.219) 752.144 ms 645.046 ms 641.413 ms > 12 localhost (127.0.0.1) 670.113 ms 702.233 ms 695.733 ms > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > Interesting! > > Jordan >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199606240102.SAA01723>