On Tue, 3 Jul 2001, Rafael R. Sevilla wrote:
> I have the GMA website's server right here next to me. It used to run
> Apache on Solaris, but apparently how they defaced it was a helluvalot
> simpler than a security hole. We had a good look and it turns out that
> SOMEONE'S PASSWORD GOT STOLEN. !@#!$@#%@!!!! TELNET LUSERS!!!!
> Ever since I joined this company I've been wondering what the hell kind of
> outfit we're running here...
> Too many ignorant people with the root password. Grr...
>From these two post, do we assume that root's password was stolen?
If it is an ordinary user's password that was stolen, doing that
kind of hack is still quite a challenge, so it must be root's
password that the hacker got.
This is a security issue, and your experience will be very
helpful to all of us who run publicly accessible websites.
PMana
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
