ckcool?

From: Bob Maccione (Bob_Maccioneat_private)
Date: Tue Feb 19 2002 - 06:45:01 PST

Next message: Security Coordinator: "Re: SNMP Scans 02/17/02"

Previous message: Jason Robertson: "DoS attack"
Next in thread: Mike Shaw: "Re: ckcool?"
Reply: Johan Denoyer: "Re: ckcool?"
Reply: Bob Maccione: "RE: ckcool?"
Reply: James: "Fw: ckcool?"
Reply: Chris Wilkes: "Re: ckcool?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I have a friend that got hacked running linux.  Luckly it's an inmature
enough hack that the mess left behind told me what happened.  In this case a
user was created called 'ckcool' and then a rootkit was thrown down.  I'm
going to get the disk from him to see what all was done but one thing
puzzled me.  It seems that the password on the Linksys firewall/router was
also changed.  

Has anyone seen/heard of any vulnerabilities in the Linksys Cable/DSL
router/firewalls?  

thanks
bob


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Security Coordinator: "Re: SNMP Scans 02/17/02"
Previous message: Jason Robertson: "DoS attack"
Next in thread: Mike Shaw: "Re: ckcool?"
Reply: Johan Denoyer: "Re: ckcool?"
Reply: Bob Maccione: "RE: ckcool?"
Reply: James: "Fw: ckcool?"
Reply: Chris Wilkes: "Re: ckcool?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Feb 20 2002 - 14:14:37 PST