lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <63AA762C-2618-4B8B-87C6-3FEE74E59B01@plotinka.ru>
Date: Fri, 20 Oct 2006 20:47:04 +0600
From: Victor Grishchenko <gritzko@...tinka.ru>
To: Victor Grishchenko <gritzko@...tinka.ru>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Devil Linux has NO irc bots onboard

Hi!

Just to confirm that we found traces of the actual intrusion. There  
are no IRC bot in Devil Linux 1.2.10 distro. Sorry for my previous  
mail. It was just a coincidence of coincidences both of technical and  
human nature.

Namely, there was an intrusion to a DL host not exposed to the  
internet (low-probability event) made in a short timeframe from  
reboot to the moment the bot was discovered (l-p event). The  
intrusion was made via a chain of DMZ/intranet hosts (lpe). Also, our  
proxy cached a zero-size page for devil-linux.org for unknown reason  
(lpe). There were also other low-probability events.

Devil Linux is OK, we are going to use it in production after  
performing all the necessary exorcism procedures.



					Victor

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ