You need to 1) take a chill pill 2) understand that there are plenty of people around that know more than you. I didn't say it might be an ssh exploit based on some idiot's misinterpretation of the bugtraq post. I said it because I have heard rumours that an exploit is *circulating*. If you have *real* information then do not hesitate to post it. But conjecture and denial gets us nowhere. --Adam -----Original Message----- From: Michael Freeman <mikef@boris.talentsoft.com> To: Adam D. McKenna <adam@flounder.net> Cc: Joe Shaw <jshaw@insync.net>; JR Mayberry <rick@magpage.com>; neil <neil@junior.uwc.ac.za>; Russ Haynal <russ@navigators.com>; nanog@merit.edu <nanog@merit.edu> Date: Saturday, October 31, 1998 3:41 PM Subject: Re: Rootshell pages hacked It is not a fucking problem in SSH! Jesus christ, people do not listen. If it had anything to do with ssh, heres what happened. (speculation) A trusted host was compromised that Kit Knox or another rootshell staff member used, ssh was trojaned and passwords were snagged, and the intruder simply walked right in through the front door. Nothing sophisticated, nothing fancy, no ssh remote exploits. On Thu, 29 Oct 1998, Adam D. McKenna wrote:
They claim they were running only qmail, apache and ssh, but who knows if that's true.
I have heard rumours about an ssh exploit but nothing concrete.
--Adam
-----Original Message----- From: Joe Shaw <jshaw@insync.net> To: JR Mayberry <rick@magpage.com> Cc: neil <neil@junior.uwc.ac.za>; Russ Haynal <russ@navigators.com>; nanog@merit.edu <nanog@merit.edu> Date: Thursday, October 29, 1998 2:36 PM Subject: Re: Rootshell pages hacked
I thought they were runnign qmail?
Joe
On Thu, 29 Oct 1998, JR Mayberry wrote:
Supposedly sendmail 8.9.1 is to blame, not ssh. http://www.sendmail.com/sendmail.8.9.1a.html