Good question. They could have been using a rootkit that did it for
them, and they really had no clue.
One Linux machine I manage was compromised last summer via a named
exploit, and the moron uploaded a rootkit. I wouldn't have noticed
immediately except that the kit replaced the qpopper inetd config with a
line for ipop3d, which I hadn't configured, and thus no one could read
mail.
I say morons, as the cracker (note, not hacker) didn't actually get very
far on the system. The rootkit came mainly as source, and that machine
doesn't have a compiler. :)
Brian.