[Intrusions] Fw: [Sans04] 0daymon.org

[kenneth gf brown]

didn't actually read the information.. im wearing 
a white hat... see??  

just identified what was causing the "leak" 
I whole heartedly agree that the guys who admin the server 
shoud be shot... running a webserver as root is the fastest 
way to be owned im sure that's not the "only" mistake they 
have made.

I hope some one (the first guy who pointed this out) knocked on their 
door to inform them that the garage door has been left open and did you 
know 3 guys with a moving van are cleaning out the contents... 

(BTW I thought it was next to impossible to run httpd as root without 
changing the defaults set in the make or package) 

do I smell a honey pot ?? 

lammas... every wher I turn ... lammas... 

kenneth gf brown
ceo shadowplay.net


> As a Network Security Analyst, I would probably have a kitten 
> if I saw this information coming from one of our systems.  
> This page would reduced the recon requirements of hacking the 
> system to nothing.  I especially like the fact that it shows 
> "root" as the user in the environment portions of the page.  
> This combine with a detailed listing of the 
> applications/versions that are running would greatly reduce 
> the work need to "own" this system.