On Mon, Nov 24, 2003 at 11:38:04AM +0200, Muli Ben-Yehuda wrote: > On Mon, Nov 24, 2003 at 10:49:43AM +0200, Maxim Kovgan wrote: > > On Sun, 23 Nov 2003, Noam Rathaus wrote: > > > > hi Noam! > > it is great you've brought up the subject, > > and if u find more info on what exactly was there, > > please post it on here. >
Some preliminary conclusions are at http://lists.debian.org/debian-devel-announce/2003/debian-devel-announce-200311/msg00012.html Do notice the disclaimer at the beginning of that message. Bottom line of that report, as I understand it: 1. A sniffed password was used to access an (unprivileged) account on one machine. 2. At the time of the posting, the writer believes there is as of yet an unknown local root exploit used to go from having local unprivileged access to having root. This exploit was used to gain access to other machines. 3. A flaw in the kernel code of the Suckit rootkit that was installed and the aide monitor tool exposed the intrusion. -- "If you have an apple and I have an apple and we exchange apples then you and I will still each have one apple. But if you have an idea and I have an idea and we exchange these ideas, then each of us will have two ideas." -- George Bernard Shaw (sent by shaulk @ actcom . net . il) ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
