Kai Schaetzl wrote: > Nick wrote on Thu, 04 May 2006 14:43:20 +1000: > >> Bindz.... hmm. telnetting to the port gave me a root shell > You should suspect some php app or at least a web-based intrusion. > Break-ins this way usually don't get the intruder a root shell. And what Yeppers. From interest, was the box selinuxed up Nick? Because AIUI that should have said no to running shells from Apache. -Andy -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 4492 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.centos.org/pipermail/centos/attachments/20060504/ad896898/smime.bin
Uselib24/bindz - owned!
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Uselib24/bindz - owned!
- From: andy at warmcat.com (Andy Green)
- Date: Thu May 4 10:19:57 2006
- In-reply-to: <VA.000021e8.1d1fd1e1@xxxxxxxxxxxxxxxxxx>
- References: <44598668.3010209@xxxxxxxxxxxxxxxxxxxxxx> <VA.000021e8.1d1fd1e1@xxxxxxxxxxxxxxxxxx>
- References:
- Uselib24/bindz - owned!
- From: Nick
- Uselib24/bindz - owned!
- From: Kai Schaetzl
- Uselib24/bindz - owned!
- Prev by Date: Re: [CentOS-announce] CESA-2006:0420 Moderate CentOS 4 s390(x) ethereal - security update
- Next by Date: Uselib24/bindz - owned!
- Previous by thread: Uselib24/bindz - owned!
- Next by thread: Re: [CentOS-announce] CESA-2006:0420 Moderate CentOS 4s390(x) ethereal - security update
- Index(es):
 |