Date: Wed, 22 Jul 1998 23:34:47 +1200 (NZST) From: Andrew McNaughton <andrew@squiz.co.nz> To: Brett Glass <brett@lariat.org> Cc: Jim Shankland <jas@flyingfox.com>, ahd@kew.com, leec@adam.adonai.net, security@FreeBSD.ORG Subject: Re: hacked and don't know why Message-ID: <Pine.BSF.3.96.980722233259.5504B-100000@aniwa.sky> In-Reply-To: <199807220613.AAA26581@lariat.lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 22 Jul 1998, Brett Glass wrote: > Date: Wed, 22 Jul 1998 00:13:29 -0600 > From: Brett Glass <brett@lariat.org> > To: Jim Shankland <jas@flyingfox.com>, ahd@kew.com, leec@adam.adonai.net > Cc: security@FreeBSD.ORG > Subject: Re: hacked and don't know why > > The symptoms aren't hard to understand. As I found out when we > were hit by the same hack, buffer overflow exploits also > hose memory.... The disk cache, kernel data, possibly even page tables > can be corrupted. Nothing's safe. If you do anything to your file > system before rebooting, you can wind up with corrupted directories > and worse. This happened to us. > > --Brett If it's any consolation, this probably means that the hackers overwrote the wrong bit, and failed to effect anything more than a DOS. It should probably be treated as a warning that if you fix things up without finding the problem they might be more successful on the next attempt. Andrew To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980722233259.5504B-100000>