Novell server hacked

["Fergie (Paul Ferguson)" <fergdawg () netzero net>]

Today seems to be a big news day for security-related issues.
Insteda of me posting a slew of them here, just vist my blog
and persue.

I'll post this one here, just because it has a somewhat twisted
humor about it. ;-)

A ComputerWorld article by Jaikumar Vijayan, via NetworkWorld,
reports that:

[snip]

A company server that some workers at Novell apparently used for gaming purposes was hacked into and then used to scan 
for vulnerable ports on potentially millions of computers worldwide, according to an Internet security consultant.

The scans, which have been going on since Sept. 21, are targeted at TCP Port 22 -- the default port for Secure Shell 
(SSH) services. SSH programs are used to log into other computers over a network or to execute remote commands and move 
files between machines in a secure fashion. Scans against the port are often an indication that hackers are looking for 
vulnerable SSH systems that they can break into and take control of.

Kevan Barney, a Novell spokesman, Wednesday confirmed that one of the company’s systems had been compromised. But he 
added that the server was not part of the company’s corporate network nor was it a production server.

Chris Brandon, president of Brandon Internet Security, an Alexandria Va.-based firm that reported the problem to Novell 
Tuesday, said he was first alerted to the hack when a client reported scanning activity several days ago.

[snip]

http://fergdawg.blogspot.com/2005/09/novell-server-hacked.html

- ferg

ps. On a completely unrelated issues, does anyone know of an
_active_ use of a MS05-027 exploit?


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.