[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SELinux



> > > I have not started the forensics on this box. Pulled it offline and
> > > left it running until I can get to it.
> > 
> > You left it "running" ?
> 
> If you leave your system running you can examine the content that is
> loaded in memory.
> 
> > >
> > > I suspect, but cannot confirm, that it was via SSHv1 that I
> > > inadvertantly left enabled in webmin.
> > >
> > > SuSE want the HD image?
> > 
> > I doubt it...it's not SuSE`s fault anyway :)
>  
> No doubt about that, but maybe they want to play around with it?

That's the point - if it is a configuration issue, they there's nothing 
that we can do about it as SUSE. If there is some exploit that has been 
using a vulnerability that we are not aware of, then it's something 
different.

> I'd ask your local honeynet project, I bet they'll be interessted in it.
> 
> marc


Thanks,
Roman.
-- 
 -                                                                          -
| Roman Drahtmüller <draht@xxxxxxx>   // The mistakes you regret the most in |
  Novell - SUSE Linux AG - Security  // your life are the ones you didn't 
| Nürnberg, Germany                 // commit when you had the chance. (HR)  |
 -                                                                          -

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here