httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Hartill <>
Subject patch for includes security hole
Date Tue, 11 Apr 1995 10:47:31 GMT

Patch E66 uploaded to /incoming at hyperreal.

I'd appreciate it if someone could move it to the appropriate dir
for me.


We had a huge net break in over the weekend, and my hyperreal password
was compromised (along with ~500 local passwds and about 100 outside ones).
Brian changed my password yesterday, but I won't be able to use a new 
password until we know things are secure this end.

If you are interested, our attack came through
and went undetected for days, until the cracker(s) brought down one
of the SunOs machines on our subnet.
I'll forward more info to anyone interested in what was detected.

One theory was that the crackers were looking for someone called
"Shimomura", he recently led the FBI to Kevin D. Mitnick, one
of the most world's most wanted crackers. Shimomura used to work
here. If they are after him, they're really skating on thin ice.


View raw message