Chris (bovinator) wrote,

  • Mood:

Update on server hacking...

Well we found out who did it...  A person from England, who had cable...  We've already checked if they had a Hattrick team, but they don't (not on this IP anyway and cable is usually static IPs).

We know what they did, as griggle luckily had an ssl certificate so that he could log in as root without needing the password.  The funny thing is the hacker didn't clean up after himself, it was all in the history still.  He changed the password, then downloaded a root kit and compiled it into the kernal.  The way he got in, was most probably through an SSH1 vulnerability, which we will be securing against.  If the hacker had not changed the root password we probably may not have ever known he was there...  Oh well. Sucks to be him ;)

  • Post a new comment


    default userpic

    Your reply will be screened

    Your IP address will be recorded 

    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.
  • 1 comment