Security Incidents mailing list archives
Re: Redhat 6.2 Honeypot Hacked
From: quentyn () fotango com
Date: Wed, 10 Apr 2002 19:31:51 +0100
Stephen Holcroft wrote:
Hello, My Redhat 6.2 server Honeypot was compromised recently after just 26 minutes of being connected to the internet, it was used as an IRC proxy for two hours after being hacked.
could you provide the disk images like in the honeynet project ? whilst your analysis looks very good, I like to practice my forensic skills ;o) On the same subject does any one else know of any disk images other than those distributed by the honey net project ? I really enjoyed looking through / analyzing them. Q -- ##################### Quentyn Taylor Sysadmin - Fotango ##################### "It's called MSSexchange because, dammit, I want to gnaw my own genitalia off in frustration right now". Chris "Saundo" Saunderson ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Redhat 6.2 Honeypot Hacked Stephen Holcroft (Apr 10)
- Re: Redhat 6.2 Honeypot Hacked quentyn (Apr 10)
- <Possible follow-ups>
- Re: Redhat 6.2 Honeypot Hacked Stephen Holcroft (Apr 11)
- Re: Redhat 6.2 Honeypot Hacked Greg Estabrooks (Apr 15)
- Message not available
- Re: Redhat 6.2 Honeypot Hacked Greg Estabrooks (Apr 16)
- Re: Redhat 6.2 Honeypot Hacked Greg Estabrooks (Apr 15)