Date:  Fri, 22 Sep 2006 11:37:18 -0400
From:  "Darrell D. Mobley" <dmobley (at mark) uhostme.net>
Subject:  [coba-e:07198] Re: psybnc (IRC Bouncer)
To:  <coba-e (at mark) bluequartz.org>
Message-Id:  <003201c6de5c$fda7ade0$6400a8c0@YOUR4105E587B6>
In-Reply-To:  <20060922072246.M10755 (at mark) howie.co.uk>
X-Mail-Count: 07198

That's unfortunate.  I had another system that they got the IRC shell on but
they have never gained access...

> -----Original Message-----
> From: Howie Dines [mailto:howie (at mark) howie.co.uk]
> Sent: Friday, September 22, 2006 3:31 AM
> To: coba-e (at mark) bluequartz.org
> Subject: [coba-e:07184] Re: psybnc (IRC Bouncer)
> 
> On Fri, 22 Sep 2006 02:39:04 -0400, Darrell D. Mobley wrote
> > Did you determine how he got in?
> 
> Through the front door unfortunately, logged in as admin.
> 
> I'll crawl through the logs when I get in tonight. I'll also be looking at
> the image of the drive from 1.5 weeks ago as I had a complete system crash
> and had to reload totally.
> 
> This time it just looks like he has loaded the IRC code. On the system
> that crashed I guess he was hiding his tracks following a brute force
> style hack.
> 
> Oh well I was able to boot on a live CD and copy most things before
> reloading. So I may have a chance to track him down.
> 
> Best Regards,
> Howie.