|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Lance Spitzner (lance
SPITZNER.NET)Date: Mon Jan 15 2001 - 18:52:28 CST
The Honeynet Project has logged a large amount
of rpc.statd activity in the past three months.
Based on this activity we estimate the average
life span of a standard, unsecured Red Hat 6.2
system is two to three weeks. We have had 6
unsecured linux honeypots compromised since
November.
Also, we have noticed a new trend among the
blackhat community, they are no longer determining
the OS type of the victim. We have both Linux
and Solaris systems within our Honeynet. We
have consistently seen the Solaris honeypot
hit with Linux exploits.
/var/adm/messages
Dec 28 22:10:53 solaris rpc.statd[336]: gethostbyname error ...
Jan 4 00:49:03 solaris rpc.statd[1711]: gethostbyname error ...
Jan 5 14:07:48 solaris rpc.statd[1711]: gethostbyname error ...
Jan 7 07:18:39 solaris rpc.statd[1711]: gethostbyname error ...
Jan 9 16:02:19 solaris rpc.statd[1711]: gethostbyname error ...
lance
http://project.honeynet.org
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]