Hi,

On Wed, Sep 08, 2004 at 02:51:52AM +0200, Sebastian Jaenicke wrote:
> I just setup an account "guest" with password "guest" and a shell modified
> to log commands via syslog[0].

Addendum: Later, the attacker returned and installed an IRC bouncer;
I couldn't resist, joined IRC and talked to him (from another host).

Complete list of commands, files and IRC log here:

http://www.jaenicke.org/sk/

- Sebastian

--
Sebastian Jaenicke Disce aut discede!
whois pgpkey-C81115B1 -h whois.ripe.net|perl -ne's-^certif: *--&&print'

[ reply ]