Help me analysis what did hacker do?

Sam Halliday fommil at yahoo.ie
Thu Jul 17 06:26:46 PDT 2003


Jochen Schroeder wrote:
> Sam Halliday wrote:
> > Ares Liu... what kernel are you running? i have a suspicion this may be the
> > ptrace exploit, simply from the fact that it was the last "big" expoit and
> > the code is publiclaly available; and the cracker clearly didnt have a clue
> > what he/she was doing...
> But that would mean the cracker already had a local account. The ptrace 
> bug is a local not a remote exploit, so the box must have been cracked 
> by some other means as well, to get local access. Still interesting to 
> know how he got access.

the oringial poster still hasn't told us any info about his system. i had
assumed a local cracker because the logs seemed to show someone without a clue.
it is significantly harder to crack a non-local boxen.

either way, im just guessing as to what it was; i am very keen to hear how the
thing was really cracked.

Sam
-- 
The flush toilet is the basis of Western civilization.
-- Alan Coult
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/lfs-security/attachments/20030717/dec2655a/attachment.sig>


More information about the lfs-security mailing list