North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: should i publish a list of cracked machines?
On Thu, 23 Aug 2001, Jim Mercer wrote: > i found one of my boxes was cracked (probably due to the BSD telnetd overflow). > > in any case, i found a file in the cracker's directory containing what i think > is a list of other servers which might be hacked. > i think the list also includes the passwords for using the trojan. > > on my server, i found a trojan daemon, allowing ssh on an 14000 series port. > > i was gonna just post the list of hosts here, but then, maybe not. > > what is the appropriate feeling? Suggest you first notify CERT. If the list is manageable in size, perhaps you may also want to write to the sysadmins/network owners whose boxen were compromised. Publishing such list in the open may not be such a hot idea, for obvious reasons... --Mitch NetSide