On Mon, 5 Mar 2001, Silviu Cojocaru wrote:
> On Sun, 4 Mar 2001, 15:24 -0800 Ben Ocean wrote:
>
> > Here's another one, this one not to *tty1* but rather *pts/1*. Have I been
> > hacked?
> > BenO
>
> Oh yeah. That's a hack! The attacker is (sadly) a romanian.
> Sadly because I'm too and I hate the fact that my homies find such
> activity enjoyfull.
>
> Further more. The ISP is Xnet, one of the bigest/best here. You could
> contact them and try to resolve the problem. Well at least they will
> cancel the guy's account, ISPs here don't have any policies against
> hacking activities (well, mine does).
Well, the attacking SYSTEM appears to have an IP number from Xnet.
It is possible that the actual attacker has hacked into a variety of
systems and is not actually logged in directly to his system. Don't hold
your breath hoping that ISP's will do something. Just re-install and
take proper precautions next time.
Don't waste your own precious energy worrying about trying to track them
down (unless you have nothing better to do, like having a life!), just
re-install, lock yourself down (tcpwrappers (with non-trivial
hosts.deny/allow, portsentry, tripwire, subscribe to the redhat
bugs/updates announcement list and run up2date when notified of an update
being available).
By the way, Romania does not have a monopoly on system crackers: they're
coming from all over the world and probably from most of the world's
"reputable" ISP's.
--
***************************************************************************
Jerry Winegarden OIT/Technical Support Duke University
[EMAIL PROTECTED] http://www-jerry.oit.duke.edu
***************************************************************************
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
