North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Rootshell pages hacked

  • From: Michael Freeman
  • Date: Sat Oct 31 16:05:54 1998

It is not a fucking problem in SSH! Jesus christ, people do not listen.
If it had anything to do with ssh, heres what happened. (speculation) A
trusted host was compromised that Kit Knox or another rootshell staff
member used, ssh was trojaned and passwords were snagged, and the intruder
simply walked right in through the front door. Nothing sophisticated,
nothing fancy, no ssh remote exploits.

On Thu, 29 Oct 1998, Adam D. McKenna wrote:

> They claim they were running only qmail, apache and ssh, but who knows if
> that's true.
> 
> I have heard rumours about an ssh exploit but nothing concrete.
> 
> --Adam
> 
> -----Original Message-----
> From: Joe Shaw <jshaw@insync.net>
> To: JR Mayberry <rick@magpage.com>
> Cc: neil <neil@junior.uwc.ac.za>; Russ Haynal <russ@navigators.com>;
> nanog@merit.edu <nanog@merit.edu>
> Date: Thursday, October 29, 1998 2:36 PM
> Subject: Re: Rootshell pages hacked
> 
> 
> I thought they were runnign qmail?
> 
> Joe
> 
> On Thu, 29 Oct 1998, JR Mayberry wrote:
> 
> > Supposedly sendmail 8.9.1 is to blame, not ssh.
> > http://www.sendmail.com/sendmail.8.9.1a.html
> 
> 
> 
>