SLUG Mailing List Archives - Re: [SLUG] Re: slug Digest, Vol 29, Issue 5

To: slug@xxxxxxxxxxx
Subject: Re: [SLUG] Re: slug Digest, Vol 29, Issue 5
From: david.lyon@xxxxxxxxxxx
Date: Mon, 02 Jun 2008 19:57:08 -0400
User-agent: Internet Messaging Program (IMP) H3 (4.1.6)

Quoting Darryl Barlow <dgbarlow@xxxxxxxxx>:

I had the pleasure some years ago of a cracker gaining access to a Linux box
on my work Network running SME Server.

I still do
not know how the attacker located the machine.  I presume it was probably
through a port scan .....

I have seen the same thing with other installs of SME Server. Themachines I saw it on were properly firewalled and not even visible.

People I know have come to the conclusion that it was software alreadyembedded within the system at distribution. It got activated in idletime. It was doing spam mass mailing.


I wonder if this is what you experienced ?

David

Follow-Ups:
- Re: [SLUG] Re: slug Digest, Vol 29, Issue 5
  - From: Daniel Pittman

References:
- [SLUG] Re: slug Digest, Vol 29, Issue 5
  - From: Darryl Barlow

Messages sorted by: [ date | thread ]
Prev by Date: Re: Compromised Linux box stories (Re: [SLUG] upgrading complicated installs)
Next by Date: Re: Compromised Linux box stories (Re: [SLUG] upgrading complicated installs)
Previous by thread: Re: [SLUG] Re: slug Digest, Vol 29, Issue 5
Next by thread: Re: [SLUG] Re: slug Digest, Vol 29, Issue 5