Date: Thu, 30 Nov 2000 12:13:30 -0800 (PST) From: Brian Behlendorf <brian@collab.net> To: David Talkington <dtalk@prairienet.org> Cc: freebsd-security@FreeBSD.ORG Subject: Re: FreeBSD hacked? Message-ID: <Pine.BSF.4.21.0011301212280.494-100000@localhost> In-Reply-To: <Pine.LNX.4.21.0011301058140.664-100000@sherman.spotnet.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 30 Nov 2000, David Talkington wrote:
> I seem to recall that these guys were the ones who hacked Slashdot
> some time back. Same M.O. -- nothing destructive, left a polite
> calling card, full disclosure of the penetration method. That one
> wasn't a software vulnerability either; just an embarrassing
> configuration problem (unmodified default password, I think!)...
Someone claiming to be {} was also involved in the apache.org hack we had
~6 months ago . How they'd get in? Through a combo of a world-writeable
FTP directory, with a hole in Bugzilla and a poorly configured Mysql
daemon.
Brian
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0011301212280.494-100000>