[Dshield] OpenSSH exploit in use

Jeff D kabal at ev01.net
Fri Sep 26 17:00:46 GMT 2003


On Fri, 26 Sep 2003, Nike wrote:

> In private school I go, we had two Linux boxes compromised last week,

<snip>

>
> Common factors we come up were
>  1. Both were using putty from class computers. The guy with debian was
> logged as root before all his files were removed.
>  2. Both computers did run irc client which was connected to qnet &
> ircnet
>  3. Both was off computer for longer time when files were deleted.
>
> Has anybody else had same experiences or know if there is some kind of
> exploit tool going around?
>
> // Nikerabbit // This is the end of all hope
> <Telerium>  Hän oli apinamies, hän ei antanut periksim sillä apinamiehen
> työ on apinoida joka yö.
>

Could it be possible that the classroom machines have keyloggers
installed on them?


==                                                                   ==
       Human beings were created by water to transport it uphill.
==                                                                   ==




More information about the list mailing list