Linux Server Hacked.....?

blackneos940

Starting Nmap 6.40 ( http://nmap.org ) at 2014-11-23 16:20 UTC
Nmap scan report for srv08.lunaweb.pro (5.135.203.40)
Host is up (0.15s latency).
Not shown: 996 closed ports
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 5.5p1 Debian 6+squeeze5 (protocol 2.0)
| ssh-hostkey: 1024 ea:3c:ad:0d:9f:36:f9:78:e7:f1:94:ee:f8:ad:94:12 (DSA)
|_2048 7f:56:aa:7a:27:db:a1:08:1c:e6:a9:06:fd:aa:3b:40 (RSA)
80/tcp open http Apache httpd 2.2.16 ((Debian))
|_http-methods: No Allow or Public header in OPTIONS response (status code 301)
|_http-title: Did not follow redirect to http://www.clipconverter.cc/
111/tcp open rpcbind 2 (RPC #100000)
| rpcinfo:
| program version port/proto service
| 100000 2 111/tcp rpcbind
|_ 100000 2 111/udp rpcbind
445/tcp filtered microsoft-ds
Device type: general purpose
Running (JUST GUESSING): Linux 2.6.X|3.X (92%)
OS CPE: cpe:/o:linux:linux_kernel:2.6 cpe:/o:linux:linux_kernel:3
Aggressive OS guesses: Linux 2.6.32 - 2.6.39 (92%), Linux 2.6.32 - 3.0 (91%), Linux 3.2 - 3.6 (90%), Linux 3.1.9 (90%), Linux 3.4 (89%), Linux 2.6.39 (89%), Linux 2.6.32 (89%), Linux 2.6.32 - 2.6.35 (88%), Linux 3.5 (87%), Linux 3.0 - 3.9 (86%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 16 hops
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel

TRACEROUTE (using port 23/tcp)
HOP RTT ADDRESS
1 ... 3
4 14.65 ms cpe-024-028-253-034.triad.res.rr.com (24.28.253.34)
5 21.89 ms be34.chrcnctr01r.southeast.rr.com (24.93.64.198)
6 28.60 ms bu-ether14.atlngamq46w-bcr00.tbone.rr.com (66.109.6.82)
7 22.97 ms ae-1-0.pr0.atl20.tbone.rr.com (66.109.6.177)
8 ... 9
10 41.39 ms ae-2-52.edge3.Newark1.Level3.net (4.69.156.43)
11 65.60 ms level3.as3356.nj.us (178.32.135.18)
12 67.98 ms bhs-g1-6k.qc.ca (198.27.73.205)
13 67.96 ms 198.27.73.231
14 ...
15 150.20 ms srv20.lunaweb.pro (37.59.19.95)
16 153.79 ms srv08.lunaweb.pro (5.135.203.40)

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 336.55 seconds

-------------------------


After finding out clipconverter had been hacked, I did an nmap scan, only to find out that they ran LINUX, of all things..... They're back up, but I thought Linux was hard to break into.....? :( Unless....... :(
 


All systems can be broken into. The difference is how hard a system must be broken in order to do so. According to that scan the remote system is running Kernel 2.6.x most likely. The 2.6 line has been EOL for a while now and is not receiving updates.

Most computer break-ins are caused by human error or lack of knowledge about computer security. Not the lack of security in a system. You can't blame an Operating System for human error. Besides, the number of Linux break-ins is close to zero. Linux is just a kernel, the real security concerns are human-space tools.
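
An added example, not part of the original thread: a small Python parser that separates what the posted scan observed directly (service banners) from what Nmap itself labels as an OS guess, and shows which kernel major versions those guesses span. `SCAN` is an excerpt of the output above; the function names are illustrative.

```python
import re

# Excerpt of the Nmap output posted above (only the lines this example reads).
SCAN = """\
22/tcp open ssh OpenSSH 5.5p1 Debian 6+squeeze5 (protocol 2.0)
80/tcp open http Apache httpd 2.2.16 ((Debian))
111/tcp open rpcbind 2 (RPC #100000)
445/tcp filtered microsoft-ds
Running (JUST GUESSING): Linux 2.6.X|3.X (92%)
Aggressive OS guesses: Linux 2.6.32 - 2.6.39 (92%), Linux 2.6.32 - 3.0 (91%), Linux 3.2 - 3.6 (90%)
No exact OS matches for host (test conditions non-ideal).
"""

PORT_RE = re.compile(r"^(\d+)/(tcp|udp)\s+(\S+)\s+(\S+)\s*(.*)$")
GUESS_RE = re.compile(r"\s*(.+?)\s*\((\d+)%\)\s*$")
MAJOR_RE = re.compile(r"(?<![\d.])(\d+)\.\d+")  # leading number of each version


def summarize(scan_text):
    """Separate observed service banners from Nmap's OS-detection guesses."""
    out = {"services": [], "os_guesses": [], "os_is_guess": False}
    for line in scan_text.splitlines():
        m = PORT_RE.match(line)
        if m:
            port, proto, state, service, banner = m.groups()
            out["services"].append({"port": int(port), "proto": proto,
                                    "state": state, "service": service,
                                    "banner": banner})
        elif line.startswith("Aggressive OS guesses:"):
            for item in line.split(":", 1)[1].split(","):
                g = GUESS_RE.match(item)
                if g:
                    out["os_guesses"].append((g.group(1), int(g.group(2))))
        elif line.startswith(("Running (JUST GUESSING)", "No exact OS matches")):
            out["os_is_guess"] = True
    return out


def kernel_majors(summary):
    """Kernel major versions spanned by all OS guesses, e.g. {'2', '3'}."""
    return {v for name, _ in summary["os_guesses"] for v in MAJOR_RE.findall(name)}


if __name__ == "__main__":
    s = summarize(SCAN)
    for svc in s["services"]:
        if svc["state"] == "open":
            print(f"{svc['port']}/{svc['proto']} {svc['service']}: {svc['banner']}")
    best = max(s["os_guesses"], key=lambda g: g[1])
    print("top OS guess:", best, "| guess only:", s["os_is_guess"])
    print("kernel majors across guesses:", sorted(kernel_majors(s)))
```

On this scan the top-scoring guess is a 2.6 range, but the output is flagged as a guess with no exact match and the candidates span both 2.x and 3.x kernels.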
 


You've got a point..... :D I guess I should have figured that sort of thing out (and I want to be a HACKER, for Goodness' sake..... XD) According to someone on http://www.isitdownrightnow.com/clipconverter.cc.html , the site, when it was down, said something along the lines of "Freedom for Palestine"..... :\ Anywho, part of me said: "Don't worry, it isn't so much Linux as it is the people using it." Which leads me to one more question..... :) WHEN a Server is hacked, regardless of the OS, can't you just unplug it from the Network, and fix it then.....?? :)
 
If the damage is repairable yes.