[CentOS] Uselib24/bindz - owned!

Thu May 4 10:19:52 UTC 2006
Andy Green <andy at warmcat.com>

Kai Schaetzl wrote:
> Nick wrote on Thu, 04 May 2006 14:43:20 +1000:
> 
>> Bindz.... hmm. telnetting to the port gave me a root shell

> You should suspect some php app or at least a web-based intrusion.
> Break-ins this way usually don't get the intruder a root shell. And what 

Yeppers.  From interest, was the box selinuxed up Nick?  Because AIUI 
that should have said no to running shells from Apache.

-Andy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4492 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.centos.org/pipermail/centos/attachments/20060504/ad896898/attachment-0005.bin>