nagios backdoor
Rainer Duffner
rainer at ultra-secure.de
Thu Jun 6 21:10:10 CEST 2013
Am 06.06.2013 um 20:46 schrieb Sven Nierlein <Sven.Nierlein at Consol.de>:
> Hi,
>
> Do you have any details? The german notice sounds like someone broke
> into their nagios system, but not necessarily by a nagios backdoor.
>
> Sven
There are not many details available - probably partly because they don't know them themselves (they've hired outside experts for the analysis).
Also, what you will read about such an incident will almost always never be the "complete truth" but more what the company will want you to believe to be the truth.
>From what can the learned from (mostly reliable heise-news)
http://www.heise.de/newsticker/meldung/Hetzner-gehackt-Kundendaten-kopiert-1884180.html
it either seems to be a rather sophisticated APT-style attack - or the company (Hetzner) has learned little to nothing from previous security-breaches and attackers found another way into their systems.
------------------------------------------------------------------------------
How ServiceNow helps IT people transform IT departments:
1. A cloud service to automate IT design, transition and operations
2. Dashboards that offer high-level views of enterprise services
3. A single system of record for all IT processes
http://p.sf.net/sfu/servicenow-d2d-j
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list