l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2003 Aug 17 06:59

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox] Re: Password NOT stolen at linuxworld
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] Re: Password NOT stolen at linuxworld

On Sun, Aug 17, 2003 at 05:01:30AM -0700, Ryan Castellucci wrote:
> On Mon, Aug 11, 2003 at 01:42:08PM -0700, Ryan Castellucci wrote:
> > OK, guys, here's the scoop... Somebody 0wned my system at
> > work, running debian testing. Installed this lovely password
> > logger, and snagged my password when I used SCPed a file.
> > I found a log file at /usr/lib/mem/mem
> > 
> > Bastards....
> Well, looks like someone installed the same rootkit on cal.net's
> shell on or about april 24...
> There's a rather large /usr/lib/mem/mem file on there, and I may
> have ssh'd into zaphod from cal.net's shell server, and this
> jackass got in from there. I am very, very irritated.

Yup... I just looked at my .ssh/known_hosts

So this is largely cal.net's fault.


$DEITY, I hate script kiddies.

vox mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.