Re:Look kids... (Score 1)

Conducted a full investigation? The investigation as to what exactly happened is still being conducted. People are taking the appropriate steps to try to determine who was responsible. I talk to the developers of BitchX daily in #BitchX@efnet. And we were frantically trying to figure out what the hell went on. The main coder wasn't even around during the two days that this occurred, so i see no way that he could have modified the source code. As far as bitchx.org not being compromised, well the system admin happens to be one of the people sitting right there in #BitchX. And being a competent sysadmin like I know he is, he checked out all aspects of the system and came to the conclusion it was not compromised. That brings me to the point about different ip blocks being directed to different ips for *.bitchx.org. Some people were actually directed to the real bitchx ftp/www site, while other people were redirected to the 'hacked' site. The hacked site was identical to the bitchx.org site, minus the fact that it had the infected copy of the source code. I give the people responsible for this alot of credit, because 'dns hacking' is very effective at times. As far as my comments about anonymous ftp servers and holes. I was just reading through some of the posts about this and other situations similar to this. They seem to think its the sysadmin's fault that the hole is there. Even though they may be running the same piece of software and just did not happen to be exploited. Yes, of course SSH isn't anonymous. I was just mentioning the fact that popular methods of interfacing with systems are exploitable without truly being a fault of a sysadmin. kthx. ice-man@efnet