should i publish a list of cracked machines?

• Previous message (by thread): should i publish a list of cracked machines?
• Next message (by thread): should i publish a list of cracked machines?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 23 Aug 2001, Jim Mercer wrote:

> i found one of my boxes was cracked (probably due to the BSD telnetd overflow).
> 
> in any case, i found a file in the cracker's directory containing what i think
> is a list of other servers which might be hacked.
> i think the list also includes the passwords for using the trojan.
> 
> on my server, i found a trojan daemon, allowing ssh on an 14000 series port.
> 
> i was gonna just post the list of hosts here, but then, maybe not.
> 
> what is the appropriate feeling?

Suggest you first notify CERT. If the list is manageable in size, perhaps 
you may also want to write to the sysadmins/network owners whose boxen
were compromised. Publishing such list in the open may not be such a hot
idea, for obvious reasons...

--Mitch
NetSide

• Previous message (by thread): should i publish a list of cracked machines?
• Next message (by thread): should i publish a list of cracked machines?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]