(none)

(none)

Post by Nitin Go » Thu, 26 Sep 1996 04:00:00



Hello,
I have recently been given the task of securing our computer facilities,
which run HP-UX 9.03 . These systems have never been patched before, and
I am sure they contain more holes than swiss cheese ! It is also known
for a fact that some ( 6-7 ) people have gained root access on our systems.
We suspect a few poeple, but have no proof to book them.
My task is to gather proof against these users and plug all holes !
I was hoping that I could get some advice from sysadmins who have previous
experience in such matters.
I have made a list of all suid progs on all our systems and am going through
them . I will have to look up all major holes which were published
for HP-UX 9.03 in last 3 years (help !!). But what troubles me most is how to
track down the hackers! I have yet not figured out a good way to keep
the suspected id's under observation without them figuring it out .
If anybody can give any sort of advice, help, please do so, and mail me.
I will be very grateful to you .
Thanks in advance !

 
 
 

(none)

Post by Lord Linu » Thu, 26 Sep 1996 04:00:00



> Hello,
> I have recently been given the task of securing our computer facilities,
> which run HP-UX 9.03 . These systems have never been patched before, and
> I am sure they contain more holes than swiss cheese ! It is also known
> for a fact that some ( 6-7 ) people have gained root access on our systems.
> We suspect a few poeple, but have no proof to book them.
> My task is to gather proof against these users and plug all holes !
> Thanks in advance !

I have one question. Did they do any damage to the system? If not leave
the users alone and focus on the holes.

 
 
 

(none)

Post by cybercl » Fri, 27 Sep 1996 04:00:00



>Hello,
>I have recently been given the task of securing our computer facilities,
>which run HP-UX 9.03 . These systems have never been patched before, and
>I am sure they contain more holes than swiss cheese ! It is also known
>for a fact that some ( 6-7 ) people have gained root access on our systems.
>We suspect a few poeple, but have no proof to book them.
>My task is to gather proof against these users and plug all holes !
>I was hoping that I could get some advice from sysadmins who have previous
>experience in such matters.
>I have made a list of all suid progs on all our systems and am going through
>them . I will have to look up all major holes which were published
>for HP-UX 9.03 in last 3 years (help !!). But what troubles me most is how to
>track down the hackers! I have yet not figured out a good way to keep
>the suspected id's under observation without them figuring it out .
>If anybody can give any sort of advice, help, please do so, and mail me.
>I will be very grateful to you .
>Thanks in advance !

Depending on how old the machine was....

Regards,
  *clay
----
Check out *clay's Hacked Inhabitants site.  There, you can find source code,
and other things that you won't find ANYWHERE ELSE.  IAll the things you need,
including SunOS files, Linux and UNIX bugs, and a new sendmail bug that hasn't
been patched yet.  Great resource for sysadmins, and h/p'ers alike.

http://www.veryComputer.com/
----