Rootshell pages hacked

bryan s. blank bryan at supernet.net
Sat Oct 31 21:41:09 UTC 1998


|o| It is not a fucking problem in SSH! Jesus christ, people do not listen.

	try a better choice of words, these show little respect for your
	audience.

|o| If it had anything to do with ssh, heres what happened. (speculation) A   
|o| trusted host was compromised that Kit Knox or another rootshell staff
|o| member used, ssh was trojaned and passwords were snagged, and the intruder
|o| simply walked right in through the front door. Nothing sophisticated,
|o| nothing fancy, no ssh remote exploits.       

	anything is possible.  i don't blame anyone for taking interest
	in possible vunerabilities in their systems.  just because you
	and i don't know of a remote root exploit for a current version
	of ssh doesn't mean one doesn't exist.  i've seen them in older
	versions, and would be stupid not to have some worry of the same
	in current versions.  

|o|----------------------------------------------------------------------|o|
|o| bryan s. blank                                  (203)-351-1178 voice |o|
|o| senior systems analyst                          (203)-351-1186 fax   |o|
|o| discovernet, incorporated                       (203)-979-5126 emerg |o|





More information about the NANOG mailing list