Find the answer to your Linux question:
Page 2 of 2 FirstFirst 1 2
Results 11 to 13 of 13
That sucks that it happened to you. But that has to be the stupidest **** that I have ever heard to make the port 31337. I mean what else but ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #11
    Just Joined!
    Join Date
    Jul 2005
    Location
    NH
    Posts
    41

    That sucks that it happened to you. But that has to be the stupidest **** that I have ever heard to make the port 31337. I mean what else but some script kiddie would do that? It's comical but retarded.

    As a word of advice, first thing that a cracker/script kiddie does if they know what they are doing is look for repeated usernames as passwords and then if that doesnt work, they do solid number combos. So the best thing to do would be to make a password with numbers, and letters that are both uppercase and lowercase. A classic example of the username would be the classic user/admin attempt. But I'm glad that you took this as a learning experience although I would be mighty pissed if it was me.

  2. #12
    Linux Engineer
    Join Date
    Mar 2005
    Posts
    1,431
    As suggested, scan with john the ripper... It's works the same way the cracker would have done it. The best passwords are not based on dictionary words and include numbers, as they take most time to crack (thought if he's running a passwordcracker all month, he might find it, but I suppose you have enough time to detect him in that case...)

  3. #13
    Linux User Stefann's Avatar
    Join Date
    Nov 2004
    Location
    Boise, ID
    Posts
    340
    Quote Originally Posted by jugio
    Ok, found the reason for this mess. One of my users had his password as his user name, so the cracker had guessed the password and installed some nasty programs. I removed the programs and deleted the user.

    I traced the evil person back into another server that he had infiltrated just like mine: guessed well. As nothing serious happened, I guess I'll just take my lesson and leave it here, the other admin may proceed with his investigation if he's interested to do that.
    Don't forget to LART the user, they deserve it for giving a sysadmin hell.
    Nothing is worse than ten penguins fighting over which is better, vi or emacs.
    Registered Linux User #404402
    Finally I'm back on LF after a long while.

Page 2 of 2 FirstFirst 1 2

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •