attack 2
jludwig
wralphie at comcast.net
Tue May 10 23:22:10 UTC 2005
On Tuesday 10 May 2005 06:16 pm, roland brouwers wrote:
> Hello everyone,
>
> Panic...
>
> I noticed accepted passwords for different users, such as root, myself
> and another one, coming from outside:::ffff:213.219.168.50
>
> How is that possible?
> Can I detect somehow what he/she did?
>
> In the mean time I changed passwords.
>
> Roland Brouwers
> Email roland at cat.be
>
You had better check for rootkits and viruses also.
>From http://www.ripe.net/whois
% Information related to '213.219.128.0/18AS9031'
route: 213.219.128.0/18
descr: EDPnet
origin: AS9031
mnt-by: EDP-NET
source: RIPE
Sorry to flame you, but.
You should try to find out what the what the cracker wanted and their intent
in getting into your system.
>From what I read three passwords??? They must be weak passwords!
My passwords are always a minimum of 8 charactors S.A. wsx43210z.
Using words and phrases is VERY BAD! (yes yelling)!!
How is your firewall how tight is it, or, do you have a firewall?
--
John H Ludwig
Common sense is so rare, why do they call it common!!!
Manual customization of this file is not recommended,
BUT WILL BE DONE!!!
More information about the users
mailing list