Re: [SLUG] HELP Please.

From: Derek Glidden (dglidden@illusionary.com)
Date: Mon Mar 04 2002 - 11:47:07 EST


On Mon, 2002-03-04 at 07:12, Mike Manchester wrote:

> Well here it is in his words:
> --------------------------------------
> I reloaded that server last evening and moved all the files over to
> it before I went to bed. So at 11 last night I could ftp in move
> files around and all was well.
>
> Tonight I can't ftp to that box. So there must be a timed something
> another that is rendering the ftp access to that box void after so
> many hours.
>
> At least there is some consistency in that the previous versions
> also worked for a while and then stopped. I thought it had to do
> with the memory or something. Now I'm convinced it's the OS that's
> buggy.

Actually it sounds like he's setting up a stock out-of-the-box RedHat
server, not securing it, and within a few hours it's getting hacked and
he's getting locked out of his own machine.

Does he have direct access to this box to log into the console and check
it out for rootkits and whatnot, or is it hosted somewhere he only has
remote access?

-- 
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
#!/usr/bin/perl -w
$_='while(read+STDIN,$_,2048){$a=29;$b=73;$c=142;$t=255;@t=map
{$_%16or$t^=$c^=($m=(11,10,116,100,11,122,20,100)[$_/16%8])&110;
$t^=(72,@z=(64,72,$a^=12*($_%16-2?0:$m&17)),$b^=$_%64?12:0,@z)
[$_%8]}(16..271);if((@a=unx"C*",$_)[20]&48){$h=5;$_=unxb24,join
"",@b=map{xB8,unxb8,chr($_^$a[--$h+84])}@ARGV;s/...$/1$&/;$d=
unxV,xb25,$_;$e=256|(ord$b[4])<<9|ord$b[3];$d=$d>>8^($f=$t&($d
>>12^$d>>4^$d^$d/8))<<17,$e=$e>>8^($t&($g=($q=$e>>14&7^$e)^$q*
8^$q<<6))<<9,$_=$t[$_]^(($h>>=8)+=$f+(~$g&$t))for@a[128..$#a]}
print+x"C*",@a}';s/x/pack+/g;eval 

usage: qrpff 153 2 8 105 225 < /mnt/dvd/VOB_FILENAME \ | extract_mpeg2 | mpeg2dec -

http://www.cs.cmu.edu/~dst/DeCSS/Gallery/ http://www.eff.org/ http://www.anti-dmca.org/



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 17:39:22 EDT