[plug] Got hacked....

Brad Campbell brad at wasp.net.au
Fri May 16 23:13:48 WST 2008

Did something dumb..
On a world facing box I set up a test account for some mail games I've been playing with u:p 

24 hrs later I have 400 sshd processes running, an irc psybnc and an irc command and control server 
all in /var/tmp/.bash..

Lucky I was all patched up with no local or remote exploits.. but a lot of valuable stuff I have on 
this box is world writable..

A full 'debsums' verified nothing had been tampered with/replaced and I was not rooted.. but a 
wakeup call none the less..

"Human beings, who are almost unique in having the ability
to learn from the experience of others, are also remarkable
for their apparent disinclination to do so." -- Douglas Adams

More information about the plug mailing list