Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to email@example.com.
Well, the problem is that the hackers have been using the machine (IRC Bot) longer than I've been working here. It is really pretty sad, from the logs, I was able to determine that they have been inside for about six months. I don't think they hacked CVSNT itself, but simply guessed a password for the postgres account, I am not sure, and no one seems to know why they postgres account had login access. In any case, they have asked me to formulate a plan (uh) to cleanse our source code. I realize that this will be a long and hard task for some of the people here. Thanks for your help, Javier Godinez On 9/25/06, Andreas Tscharner <andreas.tscharner at metromec.ch> wrote: > Javier Godinez wrote: > > We recently had a break in on our CVS Server. > > What CVS version? CVS or CVSNT? Was it the CVS(NT) Server program that > was compromised or the machine, CVS(NT) runs on? > > Does anyone have any ideas on what options there are to perform a > > source code audit? > > Which source? CVS(NT) source? The source you managed with CVS(NT)? > > I am looking for tools/services/any ideas on how to attack this problem. > > If anyone has any guidance, it will be truly appreciated. > > http://mixter.void.ru/vulns.html > is one page. > > (I suggest you want to audit your own source code) > I think you should have some backups of your CVS(NT) repository; in this > case a simple compare with the "last known good"(tm) version could be a > solution... > > Best regards > Andreas > -- > Andreas Tscharner andreas.tscharner at metromec.ch > ------------------------------------------------------------------------ > And the beast shall come forth surrounded by a roiling cloud of > vengeance. The house of the unbelievers shall be razed and they shall be > scorched to the earth. Their tags shall blink until the end of days. > -- The Book of Mozilla 12:10 > _______________________________________________ > cvsnt mailing list > cvsnt at cvsnt.org cvsnt downloads at march-hare.com @CVSNT on Twitter CVSNT on Facebook > http://www.cvsnt.org/cgi-bin/mailman/listinfo/cvsnt https://www.march-hare.com/cvspro/en.asp#downcvs >