Linux Today: Linux News On Internet Time.

RootPrompt.org: Cracked! Part 1: Denial and Truth

May 03, 2000, 14:35 (0 Talkback[s])
(Other stories by Noel)

[ Thanks to Noel for this link. ]

"We were using shadow passwords but had been making all of our connections in the clear. We were not using anything like Kerberos or Secure Shell to log in with. In hind sight we were also not really keeping up with all of the publicly announced security problems. To be fair to us we were all volunteers working in our spare time and not working full time."

"That was the situation we were in the day my phone rang. It was the community network's executive director, he had been called by the owner of an ISP who told him that his ISP had been cracked and that the cracker had been making some of their connections from our site. They said that this guy was really good and were convinced that if he was on a site he had cracked it."

"I was very skeptical, after all how could he have cracked us, we read bugtraq, we upgraded Sendmail every few months we were tight, at least that was what I thought then. I was to become much more humble and experienced over the course of the next few months."

Complete Story

Related Stories: