Hacked?
Daniel_Casey at jbhunt.com
Daniel_Casey at jbhunt.com
Fri May 4 04:03:09 GMT 2001
Does you need to have ftp (inbound) turned on for this system? What
about remote root access, could you turn that off? Are you using any
type of software type firewalling?
David Rankin
<drankin at cox-inte To: Bas <list at showme.wox.org>, Samba <samba at us5.samba.org>
rnet.com> cc:
Sent by: Subject: Re: Hacked?
samba-admin at lists
.samba.org
05/03/2001 10:04
PM
Bas wrote:
> Maybe I'm not looking right, but it looks like somebody on the other end
is
> root and accessed your ftp server as user ftp.
>
> You should check the manual pages that come with your ftp server.
>
> Good luck,
> Bas.
>
Bas, that's the problem! Somebody tried to ftp as root into my server!
"They
ain't root, because I'm root!" You know, --me--, my system, I put the
motherboard/hardware together, I loaded Linux, got samba, ftp, ssh, vpn,
etc...
working. IT'S MY BOX! Now, some Korean, "no ethniccentricity implied", has
hackerd my box and I'm (1) worried - what did he/she do and (2) pissed
because
someone who shouldn't be showing up in my logs is! I have read Linksys
router
pages and man pages that say -- this shouldn't happen. OK, so I'll admit
it,
Linksys sucks as a firewall. That still begs the question, who is this
turkey
who tried to hack my system, why did he try to do it (we'll never know),
and
why with all this great security was whoeveritwas able to stay connected
for 41
seconds. Think about it, I'm puzzeled -- not uncommon. My question is what
in
the hell do you do in this situation?
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list