[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Just getting security paranoid



hi,
so what you actually say is that if i scan your  network from us shell that
is hacked and not on my name that i telneted from .dk university shell that
has 20 users minimum 24hrs a day telnetd anotheeer free shell that have 50
users minimum on line telneted from my box you or anyone can trace it ?
or you say you can trace my real ip from http logs after i used 4 different
proxy server that support freedom on the internet ?
if some hacker really use the hidiing methods i just wrote youll never know
who scanned/hacked your site
and putted ugly web page
i 0wN j00 all
and in worse case made rm to what he didnt liked.

             Moran Zavdi
 Warp Security Response Team.
        moran@sasa.org.il

-----Original Message-----
From: Stanislav Malyshev a.k.a Frodo <frodo@sharat.co.il>
To: Ilya Konstantinov <future@galanet.net>
Cc: ILUG <linux-il@cs.huji.ac.il>
Date: יום שני 13 דצמבר 1999 01:12
Subject: Re: Just getting security paranoid
>
>On the other side, it might be good to put some trap if you want to
>identify and catch someone, but most sysadmins has much more to do than
>investigate every portscan. You may install a tool like logcheck and maybe
>some other abacus tools, which will tell you about "strange" things
>happening, and install some integrity control that would watch your files
>(like tripwire). This probably would help about unskilled attacker (I have
>no experience with _this_ stage of being attacked, so I cannot say much).
>
>IK>> Anyone knows the hacking/kiddies world a little better? What do they
>IK>> look for? Where do they usually update from?
>
>Well, when I was a sort of script kiddie (long time ago...) I looked the
>same places I do now - Bugtraq (and its NT cousin), rootshell, CERT,
>"hacker" conferences and sites, IRC, social engineering, various vendor's
>security alerts, and basically everything marked "security".
>--
>frodo@sharat.co.il \/  There shall be counsels taken
>Stanislav Malyshev /\  Stronger than Morgul-spells
>phone +972-3-9316425 /\  JRRT LotR.
>http://sharat.co.il/frodo/ whois:!SM8333
>
>
>
>
>
>=================================================================
>To unsubscribe, send mail to linux-il-request@linux.org.il with
>the word "unsubscribe" in the message body, e.g., run the command
>echo unsubscribe | mail linux-il-request@linux.org.il
>


To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il