North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: should i publish a list of cracked machines?
On Thu, Aug 23, 2001 at 11:53:38AM -0400, Jim Mercer said: > i found one of my boxes was cracked (probably due to the BSD telnetd overflow). > > in any case, i found a file in the cracker's directory containing what i think > is a list of other servers which might be hacked. > i think the list also includes the passwords for using the trojan. > > on my server, i found a trojan daemon, allowing ssh on an 14000 series port. > > i was gonna just post the list of hosts here, but then, maybe not. > > what is the appropriate feeling? I'd try to contact the owners of the systems in the list personally. Posting such a list of machines thought to be cracked would accomplish little except getting those machines further probed/attacked. I would suggest trying to see what domains the IPs belong to and just shoot out some mail to root@/admin@/hostmaster@ or any other likely admin accounts with a heads up. -- Josha Bronson <firstname.lastname@example.org> Network/Systems/Security Engineer josha.net || dmuz.angrypacket.com