Rootshell pages hacked

Michael Freeman mikef at boris.talentsoft.com
Sat Oct 31 14:45:51 UTC 1998


It is not a fucking problem in SSH! Jesus christ, people do not listen.
If it had anything to do with ssh, heres what happened. (speculation) A
trusted host was compromised that Kit Knox or another rootshell staff
member used, ssh was trojaned and passwords were snagged, and the intruder
simply walked right in through the front door. Nothing sophisticated,
nothing fancy, no ssh remote exploits.

On Thu, 29 Oct 1998, Adam D. McKenna wrote:

> They claim they were running only qmail, apache and ssh, but who knows if
> that's true.
> 
> I have heard rumours about an ssh exploit but nothing concrete.
> 
> --Adam
> 
> -----Original Message-----
> From: Joe Shaw <jshaw at insync.net>
> To: JR Mayberry <rick at magpage.com>
> Cc: neil <neil at junior.uwc.ac.za>; Russ Haynal <russ at navigators.com>;
> nanog at merit.edu <nanog at merit.edu>
> Date: Thursday, October 29, 1998 2:36 PM
> Subject: Re: Rootshell pages hacked
> 
> 
> I thought they were runnign qmail?
> 
> Joe
> 
> On Thu, 29 Oct 1998, JR Mayberry wrote:
> 
> > Supposedly sendmail 8.9.1 is to blame, not ssh.
> > http://www.sendmail.com/sendmail.8.9.1a.html
> 
> 
> 
> 




More information about the NANOG mailing list