intrusion tracking

Wolfgang S. Rupprecht wolfgang.rupprecht at gmail.com
Wed Jan 26 20:51:23 UTC 2011


Joe Zeff <joe at zeff.us> writes:
> On 01/25/2011 02:34 PM, Wolfgang S. Rupprecht wrote:
>>    That lowered ssh security allowed a second intrusion at user
>> level (probably by password guessing)
>
> No need. Once they had root they could add a user and use that for their 
> user-level work.

I understand.  I believe they were two unrelated breakins by different
people, the second breakin was enabled by the lax security caused by the
first.

-wolfgang
-- 
Wolfgang S. Rupprecht      http://www.wsrcc.com/wolfgang/      (IPv6-only)


More information about the users mailing list