Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Incidents
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: FW: [Intrusions] Linux SSH scanning - test/guest

from [Christine Kronberg] Network Security [Permanent Link]
Subject: Re: FW: [Intrusions] Linux SSH scanning - test/guest
Date: Mon, 13 Sep 2004 18:40:04 +0200 (CEST)
On Sun, 12 Sep 2004, Sebastian Jaenicke wrote:
On Wed, Sep 08, 2004 at 02:51:52AM +0200, Sebastian Jaenicke wrote: 
I just setup an account "guest" with password "guest" and a shell modified
to log commands via syslog[0].


Addendum: Later, the attacker returned and installed an IRC bouncer;
I couldn't resist, joined IRC and talked to him (from another host).

Complete list of commands, files and IRC log here:

http://www.jaenicke.org/sk/ 

  Great. :-)
  Did the same and watched the same guy. Except that my shell did
  not allow him/her to install anything. Just uploading. Was quite
  a fun to observe him and other guys trying to get things running.
  It's amazing how much patience they show in trying to exploit a
  system even if things clearly won't work. Well, one of the guy
  uploaded sparc binaries on my linux node and tried to execute it.
  :-)
  I'm still in the process to gather all data for documentation.

  Cheers,


                                                   Chris Kronberg.

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Wireless router behaviour, David Gillett
Next by Date:  Re: Wireless router behaviour, Kevin Reardon
Previous by Thread:  Re: FW: [Intrusions] Linux SSH scanning - test/guest, Sebastian Jaenicke
Next by Thread:  unusual 1.11.0.0/16 outbound traffic, Federico Grau
Indexes:  [Date] [Thread] [Top] [All Lists]