RE: CRIME Multiple breakins, but can't figure out how

From: Jeff Bryner (jeff@private)
Date: Tue Nov 18 2003 - 21:27:32 PST

Next message: David.Gibson@private: "CRIME FW: AT&T patents anti-antispam technology"

Previous message: Seth Arnold: "Re: CRIME Span time from vulnerability to patch for HTTPD servers"
In reply to: A.J. Weinzettel: "CRIME Multiple breakins, but can't figure out how"
Next in thread: Crispin Cowan: "Re: CRIME Multiple breakins, but can't figure out how"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Have you run any kind of mac time analysis against it? (i.e. macdaddy) That
can sometimes help point to the entry point if the point was on this box.
It could always be something besides the native apps; a home grown app, a
trusted server, etc...

Jeff.

----- Snipped Message-----
From: owner-crime@private [mailto:owner-crime@private]On Behalf Of
A.J. Weinzettel

I have had multiple breakins somehow using different versions of RedHat
(7.1,7.3,&8.0).  This started last week on the 7.1 and 7.3 boxes.  I
have been keeping up on all the latest patches for Apache, Sendmail,
SSH, MySQL.

Next message: David.Gibson@private: "CRIME FW: AT&T patents anti-antispam technology"
Previous message: Seth Arnold: "Re: CRIME Span time from vulnerability to patch for HTTPD servers"
In reply to: A.J. Weinzettel: "CRIME Multiple breakins, but can't figure out how"
Next in thread: Crispin Cowan: "Re: CRIME Multiple breakins, but can't figure out how"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Nov 18 2003 - 22:06:43 PST