And interesting followup this this (AFAIC). I've been receiving SSH Stealth Probe since yesteday. They are all comming from hacked boxes, owned by "./fux0r terrorism". They actually post the data on the boxes. One example (name protected): Linux XXXXX.XXXXXX.net 2.2.14 #2 Wed Feb 2 02:23:05 PST 2000 i686 unknown uid=0(root) gid=1(bin) groups=1(bin),2(daemon),3(sys) 12:48pm up 61 days, 9:05, 0 users, load average: 0.10, 0.03, 0.01 Red Hat Linux release 6.1 (Cartman) Kernel 2.2.14 on an i686 This is an old machine, and I don't have access to any RH6.1 boxes to check which version of SSHD they are running. -- Rodrigo Barbosa - rodrigob at bh.conectiva.com.br Conectiva S/A - Belo Horizonte, MG, Brazil "Quis custodiet ipsos custodiet?" - http://www.conectiva.com/
This archive was generated by hypermail 2b30 : Wed Dec 19 2001 - 08:43:37 PST