PPT Slide
Case #2 (3 of 3): Breaking and Entering
Summary
- Break-in occurred by exploiting a vulnerability in rpc.statd (part of nfs).
- The exploit generated an xterm session on the hacker’s computer having root privilege.
- The only indication of the break-in was the reporting of an error in the syslog file (and of course the vandalized web page).