should i publish a list of cracked machines?
Mitch Halmu
mitch at netside.net
Thu Aug 23 15:59:42 UTC 2001
On Thu, 23 Aug 2001, Jim Mercer wrote:
> i found one of my boxes was cracked (probably due to the BSD telnetd overflow).
>
> in any case, i found a file in the cracker's directory containing what i think
> is a list of other servers which might be hacked.
> i think the list also includes the passwords for using the trojan.
>
> on my server, i found a trojan daemon, allowing ssh on an 14000 series port.
>
> i was gonna just post the list of hosts here, but then, maybe not.
>
> what is the appropriate feeling?
Suggest you first notify CERT. If the list is manageable in size, perhaps
you may also want to write to the sysadmins/network owners whose boxen
were compromised. Publishing such list in the open may not be such a hot
idea, for obvious reasons...
--Mitch
NetSide
More information about the NANOG
mailing list