Well I am too late to respond to this as I was away. The Indian sever admin are rarely security conscious and mostly at fault. There are hundreds of server running with ftp server with guest / ftp login and with write access to ~home directory. There are hundreds of server running old version of sendmail and qpop which gives root access with a small script. The situation with government server (includes vsnl and dot) which are running older and easily exploitable version of *nix is worst. In fact a few days back I stumbled upon an Indian site which was giving a cute "bash#" prompt when telneted to a eklogin port without password. Best Regards, M.S.Deshmukh, Director. Beta Computronics Pvt. Ltd. Web Site - http://betacomp.com -----Original Message----- From: Ninad Gupte <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Date: Sunday, February 20, 2000 9:53 AM Subject: [LI] Secure Indian websites >Hello Bhartiya ILugers, > >You may all be aware of the recent news in the media about hacking of >Indian sites by pakistani hackers. This problem seems to be increasing by >the day, and has been causing serious worries to us, sysadmins of >webhosting servers. -------------------------------------------------------------------------- LI is all for free speech, but this list was created for a purpose -- to help popularise Linux in India. If your messages are counterproductive to that purpose, your privileges to submit messages can and will be revoked.
