On Fri, Sep 25, 1998 at 12:36:26AM -0500, [EMAIL PROTECTED] wrote: | christ <[EMAIL PROTECTED]> wrote: | > | > >And btw to all you people telnetting into ANY machine ... STOP! | > >SSH is your friend. Encryption is good. Don't be a gimp and have someone | > >use your account because your password was sniffed. | > | > of course, if you ssh'd into piglet in the last 5 months, you'll need | > to change any passwords you used during the session as they got hacked | > and it took them 5 months to discover that a trojan version was running. This is the first I'd ever heard of this, and I used ssh to and from piglet all the time. If this is actually true, they should have done a *much* better job about getting the word out! This may explain some problems I had a month or two ago, and I really would have liked to know this then ... | Nothing personal to the ccw people or anything like that ... but I've heard | of those machines getting hacked more often than any other system I've ever | worked with ... wasn't the reason piglet got pulled off efnet the fact | that it was so utterly hacked that they didn't trust the server anymore? Actually, piglet wasn't pulled off of Efnet, we just gave up on it and disconnected it ourselves. My account had been wiped at least four times in the time that I'd run the server, and who knows how many times people had gotten in and played around without actually making it obvious. At least once when the hacker had come in after the ircd he'd started deleting ALL of the home directories when I'd caught him ... took about fifteen minutes to convince the guy who was on duty at the Comp center at the time (it was late Sunday night) that this was a problem and that maybe he should call somebody who would actually do something about it ... *sigh* In addition to the security problems, piglet had performance problems that caused ircd to inhale vociferously on it. We'd asked for a dedicated machine, we'd even offered to provide one, but they couldn't do that, so we finally just gave up on it. | I think they should actually get someone in that job that knows security ... | *hint*hint* Jim McCoy seemed to know security pretty well, actually. But he's now at io.com if I recall correctly. In any event, it's next to impossible to keep on top of keeping a shell box like piglet secure, and for the most part the computation center did as well as could be expected. Still, I think they should have provided a dedicated box for high profile cracker targets like the IRC server - it would have made piglet much less of a target, and therefore made their job easier, but oh well - I tried. -- Doug McLaren, [EMAIL PROTECTED] --------------------------------------------------------------------------- Send administrative requests to [EMAIL PROTECTED]
