SCIENTIFIC-LINUX-USERS Archives

September 2008

SCIENTIFIC-LINUX-USERS@LISTSERV.FNAL.GOV
Options: Use Monospaced Font
Show HTML Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Security Breach
From:
Eduardo Bach <[log in to unmask]>
Reply To:
Eduardo Bach <[log in to unmask]>
Date:
Tue, 30 Sep 2008 16:17:50 -0300
Content-Type:
multipart/alternative
Parts/Attachments:
text/plain (417 bytes) , text/html (464 bytes) 
Hello to all,

One of our servers was invaded. We just started the investigations, but the
main clue, plus some strange files copied and deleted, is that sshd binary
has changed. Its original size was ~313KB and moved to 1.18Mb. His version
was 3.9p1-11.e4_7. As we at the beginning of investigations, I wonder if
anyone had similar problem, or have any clue on how the intruder may have
entered?
Thanks in advance.

Eduardo Bach

ATOM RSS1 RSS2