Article 15848 at 09/07/30 11:56:41 From: dmobley (at mark) uhostme.com Subject: [coba-e:15848] Re: [LIKELY

Index: [Article Count Order] [Thread]

Date:  Wed, 29 Jul 2009 22:56:35 -0400
From:  "Darrell D. Mobley" <dmobley (at mark) uhostme.com>
Subject:  [coba-e:15848] Re: [LIKELY_SPAM]Root exploit on Blue Quartz
To:  <coba-e (at mark) bluequartz.org>
Message-Id:  <00f101ca10c1$5b83fe70$6401a8c0@HPPAVILION>
In-Reply-To:  <200907300403.10254.bq (at mark) solarspeed.net>
References:  <E776AF61EE604DC3BC41E9AB2D91AAA2 (at mark) HP9925NR> <200907300403.10254.bq (at mark) solarspeed.net>
X-Mail-Count: 15848

> -----Original Message-----
> From: Michael Stauber [mailto:bq (at mark) solarspeed.net]
> Sent: Wednesday, July 29, 2009 10:03 PM
> To: coba-e (at mark) bluequartz.org
> Subject: [coba-e:15846] Re: [LIKELY_SPAM]Root exploit on Blue Quartz
> 
> Now the real question is: How did he obtain the "admin" password in first
> place which allowed him to make the initial privileged connection to the
> GUI?

I looked in the admserv logs and saw where he just logged in and created a
user.  How did they get my password?  It's not an easy password and I only
use on my server and home router, no where else.  Packet sniffers?  Is there
a way to tell if you have password sniffers/keystroke loggers on your
computer?