Debian Stable server hacked

2003-08-06 Thread Thijs Welman
oment i wouldn't know how, so suggestions are more than welcome. Unfortunately i don't have the resources to get an IDS system up and running... regards and tia, Thijs Welman Delft University of Technology the Netherlands - [0] My server is running Debian stable with: - linux-2.4.

Re: Debian Stable server hacked

2003-08-06 Thread Thijs Welman
? Although I'd expect those to leave the attacker with access to www-data rather than root. Thought of that myself. Checked the apache logfiles and went through the scripts... i don't have any 'candidates' besides Horde-2.1/Imp-3.1 and squirrelmail-1.4.0. But then there's still the www-data -> root question... regards, Thijs Welman

Re: Debian Stable server hacked

2003-08-07 Thread Thijs Welman
Hi, Matt Zimmerman wrote: If you don't also subscribe to debian-security-announce, then you are missing important things like kernel updates. There are several local root exploits in the stock woody kernel which have been fixed by security updates that would not be installed automatically. Yo

Re: another kernel vulnerability

2004-01-05 Thread Thijs Welman
(2004-01-05 13:55 UTC) Changelog: http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.24 regards, Thijs Welman

Re: Debian Stable server hacked

2003-08-07 Thread Thijs Welman
Hi, Matt Zimmerman wrote: If you don't also subscribe to debian-security-announce, then you are missing important things like kernel updates. There are several local root exploits in the stock woody kernel which have been fixed by security updates that would not be installed automatically. You

Re: Debian Stable server hacked

2003-08-08 Thread Thijs Welman
expect those to leave the attacker with access to www-data rather than root. Thought of that myself. Checked the apache logfiles and went through the scripts... i don't have any 'candidates' besides Horde-2.1/Imp-3.1 and squirrelmail-1.4.0. But then there's still the www-data -&g

Debian Stable server hacked

2003-08-14 Thread Thijs Welman
ouldn't know how, so suggestions are more than welcome. Unfortunately i don't have the resources to get an IDS system up and running... regards and tia, Thijs Welman Delft University of Technology the Netherlands - [0] My server is running Debian stable with: - linux-2.4.21-ac4 custom

Re: another kernel vulnerability

2004-01-05 Thread Thijs Welman
-05 13:55 UTC) Changelog: http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.24 regards, Thijs Welman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]