> I don't want to start this off on as something negative but here goes,
> I do not believe in honeypots at all . You run default install insecure
First off maybe before you go jumping to conclusions you should actually
READ WHAT I POSTED. "A few weeks ago we had a colocation customers machine
get hacked into" Is the start of the very first sentence. I do not, have
not, and will not run a Honeypot. The box I got the logs from was a hacked
into customers machine, not some honeypot. And the logs where logs that
the lame crackers software produced which I found afterward, not something
I had been watching and allowing to happen. The main reason it was
discovered was because the people were annoying others on IRC enough to
get the box flooded a few times which drew our attention, I say again this
was a colocation customers box, not "ours".
> I hope you post the logs online somewhere , I bet those admins would be
> interested to know their networks were comprised after you knew they
I was offering the logs to any interested as they seemed to be possibly
the same people who had broken into the machine of the person I was
replying too, please read before you shoot off your mouth/fingers
regarding liabilities.
--
"And he piled upon the whales white hump, the sum of all the rage and hate
felt by his whole race. If his chest had been a cannon, he would have
shot his heart upon it."
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
Received on Apr 16 2002
Intro
