To whoever hacked into my Database
Ned Batchelder
ned at nedbatchelder.com
Wed Nov 13 16:52:46 EST 2013
On Wednesday, November 13, 2013 4:46:59 PM UTC-5, Ferrous Cranus wrote:
> root at secure:~/lib64# ls -al | grep libkey
>
> lrwxrwxrwx 1 root root 20 Jun 22 2012 libkeyutils.so.1 ->
> libkeyutils.so.1.3.0*
> -rwxr-xr-x 1 root root 10192 Jun 22 2012 libkeyutils.so.1.3*
> -rwxr-xr-x 1 root root 32920 Jun 22 2012 libkeyutils.so.1.3.0*
>
> root at secure:~/lib64# rpm -qf libkeyutils.so.1.3.0
> file /lib64/libkeyutils.so.1.3.0 is not owned by any package
>
> ================================
>
> It appears that my server has been compromised with a malicious payload
> designed to sniff for and steal server passwords.
>
> This must have happened when i was handling my root passwords out in the
> open.
>
> Served me well.
This has nothing to do with the topic of this mailing list. Please don't post it here.
--Ned.
More information about the Python-list
mailing list