Help me analysis what did hacker do?
haaner at gmx.de
Thu Jul 17 07:26:12 PDT 2003
Dagmar d'Surreal wrote:
> Oh, and the hacker didn't _need_ to change the password for root, they
> already managed to get in. j00 w3r3 0wn3d.
What makes you believe that ?
Is it the case of the .bash_history lying around in / ?
Well, this could be a proof for a succesful hack, because only
root has write access to /.
(But the contents of the .bash_history are not a proof!!!)
So my question for the original poster:
1. Did the .bash_history really lie around in /, or was it in a
2. Who was the owner of that file -- which group did it belong to ?
For me the whole looks like a UNIX-newbie who tried something he had
read about in his brand-new "linux hackers guide".
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-security' in the subject header of the message
More information about the lfs-security