North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: should i publish a list of cracked machines?

  • From: Mitch Halmu
  • Date: Thu Aug 23 12:15:33 2001

On Thu, 23 Aug 2001, Jim Mercer wrote:

> i found one of my boxes was cracked (probably due to the BSD telnetd overflow).
> in any case, i found a file in the cracker's directory containing what i think
> is a list of other servers which might be hacked.
> i think the list also includes the passwords for using the trojan.
> on my server, i found a trojan daemon, allowing ssh on an 14000 series port.
> i was gonna just post the list of hosts here, but then, maybe not.
> what is the appropriate feeling?

Suggest you first notify CERT. If the list is manageable in size, perhaps 
you may also want to write to the sysadmins/network owners whose boxen
were compromised. Publishing such list in the open may not be such a hot
idea, for obvious reasons...