Security breaches


Title: twin hantu's login trojan horse Machine: burro.monkeybrains.net OS: Linux 2.1? URLs: 1. http://www.sans.org/y2k/050900-1500.htm 2. http://staff.washington.edu/dittrich/misc/trinoo.analysis Summary (notes taken during comprimise analysis):
Time to reformat that machine with FreeBSD!!!
	

Another breakin this week... at a place I contracted at for a few hours. They too were running Linux. I patched up all the messed up binaries with new rpm... More info
Here are the people (and bots) who have looked at this page: gunzip -c /www/logs/archive/access-www.monkeybrains.net.gz | grep ' /security' | awk '{print $1}' | sort -u | nslookup | grep Name: *** lala.monkeybrains.net can't find 208.37.12.165: Non-existent host/domain *** lala.monkeybrains.net can't find 208.48.124.4: Server failed *** lala.monkeybrains.net can't find 212.150.51.90: Non-existent host/domain *** lala.monkeybrains.net can't find 216.34.109.191: Non-existent host/domain *** lala.monkeybrains.net can't find 216.34.109.192: Non-existent host/domain Name: ras-c5800-1-49-73.dialup.wisc.edu Name: kremlin.cs.uidaho.edu Name: mail.skynet.gr Name: ss06.ny.us.ibm.com Name: ss11.ny.us.ibm.com Name: AKCF1.xtra.co.nz Name: aspseek.swusa.com Name: 208.184.110.33.svwh.net Name: marvin.northernlight.com Name: lb1.antarcti.ca Name: j6000.inktomi.com Name: cr032r01.bos2.fastsearch.net Name: router-sj.atomz.com Name: gw03.webtop.com Name: gw04.webtop.com Name: www.britton-gw-uk.proteusweb.com Name: adsl-216-103-213-34.dsl.snfc21.pacbell.net Name: dhcp-197.sf.bmarts.com Name: www.ip3000.com Name: www.ip3000.com Name: d83b38fc.dsl.flashcom.net Name: adsl-63-203-32-98.dsl.snfc21.pacbell.net Name: adsl-63-203-75-141.dsl.snfc21.pacbell.net Name: crawler3.googlebot.com Name: crawler1.googlebot.com Name: crawler2.googlebot.com Name: router-sc.atomz.com
This page was created to keep track of security breaches on the MonkeyBrains network.
(I hope rk is friendly hehehe)