> so, what's the os on that box? do any forensics? what vuln did they use? >
It's OpenBSD 3.0. They got in because i didn't patch my SSH after the latest hole. The really embarrassing part is I got hacked on Aug 1, and i hadn't even noticed until i was trying to look at some logfile, and i discovered i didn't have a /var/log directory. then i did a quick ps -ax, and noticed i was running an http daemon, which i thought was odd, as i never installed one. Popping open the IP in a browser i discovered i had been tagged. Could have been much worse, at least all they did was install a webserver. I found this interview with the group that i thought was pretty funny. http://www.dominasecurity.com/hackerz/bhs.htm -Lkb _______________________________________________ Bits mailing list [EMAIL PROTECTED] http://www.sugoi.org/mailman/listinfo/bits
