> I don't want to start this off on as something negative but here goes, > I do not believe in honeypots at all . You run default install insecure First off maybe before you go jumping to conclusions you should actually READ WHAT I POSTED. "A few weeks ago we had a colocation customers machine get hacked into" Is the start of the very first sentence. I do not, have not, and will not run a Honeypot. The box I got the logs from was a hacked into customers machine, not some honeypot. And the logs where logs that the lame crackers software produced which I found afterward, not something I had been watching and allowing to happen. The main reason it was discovered was because the people were annoying others on IRC enough to get the box flooded a few times which drew our attention, I say again this was a colocation customers box, not "ours". > I hope you post the logs online somewhere , I bet those admins would be > interested to know their networks were comprised after you knew they I was offering the logs to any interested as they seemed to be possibly the same people who had broken into the machine of the person I was replying too, please read before you shoot off your mouth/fingers regarding liabilities. -- "And he piled upon the whales white hump, the sum of all the rage and hate felt by his whole race. If his chest had been a cannon, he would have shot his heart upon it." ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Tue Apr 16 2002 - 10:26:21 PDT