Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1998_4

Bugtraq archives for 4th quarter (Oct-Dec) 1998: rootshell hacked via ssh-1.2.26

rootshell hacked via ssh-1.2.26

Felix von Leitner (leitnerMATH.FU-BERLIN.DE)
Thu, 29 Oct 1998 00:14:58 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Michal Zalewski: "Sendmail, lynx, Netscape, sshd, Linux kernel (twice)"
Previous message: John Horn: "Re: Firewall-1 Security Advisory"

On the rootshell home page, there is this notice:

   Rootshell Defaced
   10/28/98 8:44AM PDT On Wed Oct 28th at 5:12AM PST the main Rootshell
   page was defaced by a group of crackers. Entry to the machine was made
   via SSH (secure shell) which is an encrypted interface to the machine
   at 04:57AM PST this morning. Rootshell was first informed of this
   incident at 6:00 AM PST and the site was immediately brought offline.
   The site was back up and operational by 8:00AM PST.

They also mention that they used ssh-1.2.26 (the current version) and
their port 22 is not blocked (presumably firewalled away).

Does anyone have any further info?  This should probably leave a _lot_ of
us quite restless tonight...

Felix

Next message: Michal Zalewski: "Sendmail, lynx, Netscape, sshd, Linux kernel (twice)"
Previous message: John Horn: "Re: Firewall-1 Security Advisory"