|
Security Incidents
mailing list archives
Re: Possible remote vulnerability in SSH-1.2.27
From: Alexandru Balan <jay () iNES RO>
Date: 04 Oct 2002 11:08:43 +0300
Bottom line, just have a tripwire installed/configured and you'll "have" them by dinner. Maybe they think "hey its so
simple that they wont even see it or bother to remove it", who knows..
Assuming you have 'em. What then ? Sue them ? afaik they have to be
caught _in the act_ .A few days ago i saw a policeman searching a
windows machine for logs regarding Credit Card fraud. He searched in "My
Documents" and that was that. Well, i ask you gents.. how would that man
tell the difference between a "l33t h3x0r" DDOS-ing and a peaceful
BitchX user ? (both sittin' next to one another with putty sessions
open).
About tripwire... i don't have the patience to setup tripwire on a P1
90Mhz 16Mb RAM. A guy gave a better idea on another list. Simply mv
wget,ftp,lynx and all regular progs used by skiddies sumplace else and
that would discourage them a bit (i find the situation rather amusing
myself).
--
Jay (need fresh coffee)
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com
 By Date 
By Thread
Current thread:
| 
Intro
