It is not a fucking problem in SSH! Jesus christ, people do not listen. If it had anything to do with ssh, heres what happened. (speculation) A trusted host was compromised that Kit Knox or another rootshell staff member used, ssh was trojaned and passwords were snagged, and the intruder simply walked right in through the front door. Nothing sophisticated, nothing fancy, no ssh remote exploits. On Thu, 29 Oct 1998, Adam D. McKenna wrote:
They claim they were running only qmail, apache and ssh, but who knows if that's true.
I have heard rumours about an ssh exploit but nothing concrete.
--Adam
-----Original Message----- From: Joe Shaw <jshaw@insync.net> To: JR Mayberry <rick@magpage.com> Cc: neil <neil@junior.uwc.ac.za>; Russ Haynal <russ@navigators.com>; nanog@merit.edu <nanog@merit.edu> Date: Thursday, October 29, 1998 2:36 PM Subject: Re: Rootshell pages hacked
I thought they were runnign qmail?
Joe
On Thu, 29 Oct 1998, JR Mayberry wrote:
Supposedly sendmail 8.9.1 is to blame, not ssh. http://www.sendmail.com/sendmail.8.9.1a.html