Security Incidents mailing list archives

ckcool?

From: "Bob Maccione" <Bob_Maccione () hilton com>
Date: Tue, 19 Feb 2002 08:45:01 -0600

I have a friend that got hacked running linux.  Luckly it's an inmature
enough hack that the mess left behind told me what happened.  In this case a
user was created called 'ckcool' and then a rootkit was thrown down.  I'm
going to get the disk from him to see what all was done but one thing
puzzled me.  It seems that the password on the Linksys firewall/router was
also changed.  

Has anyone seen/heard of any vulnerabilities in the Linksys Cable/DSL
router/firewalls?  

thanks
bob


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Current thread:

ckcool? Bob Maccione (Feb 20)
- Re: ckcool? Johan Denoyer (Feb 22)
- Re: ckcool? Chris Wilkes (Feb 22)
- <Possible follow-ups>
- Re: ckcool? Mike Shaw (Feb 22)
- RE: ckcool? Bob Maccione (Feb 22)
- Fw: ckcool? James (Feb 22)