Friday, February 28, 1997 4:00:01 AM Message From: The Hotline Users Mailing,Hotline@lists.fwparker.org,Internet Subject: The Hotline Users Digest #47 - 02/28/97 To: Geoff Le Feuvre The Hotline Users Mailing List ,Internet The Hotline Users Digest #47 - Friday, February 28, 1997 I got hacked. by Daniel V. Novatnak Re: I got hacked. by Adam T Re: I got hacked. by Jerry Oday Tubbs Re: I got hacked. by Adam Hinkley ---------------------------------------------------------------------- Subject: I got hacked. From: "Daniel V. Novatnak" Date: Thu, 27 Feb 1997 08:23:45 +0000 This is a message that I recieved from a "good sameritian" who saved my server from abuse. <--Begin forwarded text--> Hi, I was logged on last night at about 3:45 am when the only other online user messaged me to check out the 'news'. in it he'd posted the admin pass + he'd apparently logged in and changed the user privlages so that guests could delete files... knowing how much I'd hate it if that ever happened to my server I logged off then logged back in as admin and made the following changes: 1)made it so that guests could no longer delete files 2)made it so that guests could not read the 'news' as to have access to the pass 3) for extra assurance I changed the admin info to the following: name: ******** user: ******** pass: ******** well... I don't think anyone had time to delete things... except for the initial person who posted the pass... hope everything works out - elguapo <--end forwarded text--> The hacker's name was Kenetico...be aware! Thankfully nothing was lost. All files "deleted" from hotline were in the trashcan. How could someone hack my server, get full access and mess up a perfectly good time? I thought all the security holes were sealed in back in b18. Concerned, Daniel V. Novatnak, Contractor 206.66.174.2, The Pagehaus ---------------------------------------------------------------------- Subject: Re: I got hacked. From: Adam T Date: Thu, 27 Feb 1997 15:31:52 -0400 The same thing happened to a friends server... someone logged in and deleted all the files... ???? -Adam (_Iris) President/Sys Admin ApolloNet "Things Mean What You Want Them To" Alice in Wonderland "I find my life is a lot easier the lower I keep everyone's expectations." Calvin and Hobes. It is easier to ask forgivness, than permission. ---------------------------------------------------------------------- Subject: Re: I got hacked. From: Jerry Oday Tubbs Date: Thu, 27 Feb 1997 16:43:10 -0500 (EST) Well, to keep users from being able to delete all your files do not even give the admin access the ability to delete files... It really makes no sense to have this access unless you are not at the computer where the server is located (which could be true in some circumstances...) In this case, if no user (not even yourself) has the priviledges to delete files then when/if the server is hacked the worst they can do is change log-in preferences... and the sort... Just an idea... Cya, -J. On Thu, 27 Feb 1997, Adam T wrote: > The same thing happened to a friends server... someone logged in and > deleted all the files... ???? > > > > -Adam (_Iris) > President/Sys Admin > ApolloNet > > "Things Mean What You Want Them To" > Alice in Wonderland > > "I find my life is a lot easier the lower I keep everyone's > expectations." Calvin and Hobes. > > It is easier to ask forgivness, than permission. > > > > ---------------------------------------------------------------------- Subject: Re: I got hacked. From: Adam Hinkley Date: Fri, 28 Feb 97 11:35:06 +1100 >Thankfully nothing was lost. All files "deleted" from hotline were in the >trashcan. Oh yes, now I'm thankful I put in the extra time to move files to the trash, rather then deleting them :) >How could someone hack my server, get full access and mess up a perfectly >good time? I thought all the security holes were sealed in back in b18. I find it very hard to believe that someone could hack the b20 server to get the admin password. One exception: if the hacker is on the same LAN as the server, there is a chance that it could be hacked. How many people knew the admin password? Or rather, how many people had access to Open User? New User? ie, could the password have leaked? I have discovered that you only need to tell a very small number of "trusted" people a password, and within days hundreds of people know it. Example: "powertok" !!!!! Also, how many characters long was your password? Could it have been guessed? Since you don't need to type the password in when you connect (use a bookmark), I suggest making the password really long - eg, make it 20 characters long. As a matter of fact, I think I'll make it so that when you hit New User, it fills in a default random 20 character password consisting of letters and numbers. ........................................................... /| _ / | | | Adam Hinkley | |_| | CEO/Software Development | _ | O T L I N E | | | |COMMUNICATIONS hinks@netspace.net.au |_| | | http://netspace.net.au/~hinks/ |/ ---------------------------------------------------------------------- End of The Hotline Users Digest --- Internet Message Header Follows --- Received: from www.fwparker.org by bertrand.ccs.carleton.ca (SMI-8.6/SMI-4.0) id EAA20761; Fri, 28 Feb 1997 04:06:46 -0500 Message-Id: <199702280906.EAA20761.20761@bertrand.ccs.carleton.ca> From: The Hotline Users Mailing List To: The Hotline Users Mailing List Subject: The Hotline Users Digest #47 - 02/28/97 Date: Fri, 28 Feb 97 03:00:01 -0600 Mime-Version: 1.0 Content-Type: text/plain Precedence: Bulk X-List-Software: LetterRip 1.0.2 by Fog City Software, Inc.