[prev in list] [next in list] [prev in thread] [next in thread]
List: python-list
Subject: Re: To whoever hacked into my Database
From: Ferrous Cranus <nikos.gr33k () gmail ! com>
Date: 2013-11-14 10:46:29
Message-ID: l629m4$sr8$2 () news ! grnet ! gr
[Download RAW message or body]
Στις 13/11/2013 11:46 μμ, ο/η Ferrous Cranus έγραψε:
> root@secure:~/lib64# ls -al | grep libkey
>
> lrwxrwxrwx 1 root root 20 Jun 22 2012 libkeyutils.so.1 ->
> libkeyutils.so.1.3.0*
> -rwxr-xr-x 1 root root 10192 Jun 22 2012 libkeyutils.so.1.3*
> -rwxr-xr-x 1 root root 32920 Jun 22 2012 libkeyutils.so.1.3.0*
>
> root@secure:~/lib64# rpm -qf libkeyutils.so.1.3.0
> file /lib64/libkeyutils.so.1.3.0 is not owned by any package
>
> ================================
>
> It appears that my server has been compromised with a malicious payload
> designed to sniff for and steal server passwords.
>
> This must have happened when i was handling my root passwords out in the
> open.
>
> Served me well.
Can somebody explain to me why there is so many failed attempts to login
into my linux server under various user accounts?
http://i.imgur.com/5PaZAWu.png
I mean is this some normal background radiation of the Internet or is
something directed to me?
Does this happen on your servers at this extend too?
--
https://mail.python.org/mailman/listinfo/python-list
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic