The Real Story nearly rootkit.com ,HBGary E-mail !
HBGary E-mail Viewer
greg@hbgary.com
Go back
Original file: 27606
click hither to present this e-mail alongside HTML markup
From: jussi jaakonaho <jussij@gmail.com>
To: Greg Hoglund <greg@hbgary.com>
Date: Sun, vi February 2011 22:15:54 +0200
Subject: Re: take away to ssh into rootkit
click hither to present sum headers
Attachments: This e-mail does non lead keep whatever attachments.
did you lot opened upward something running on high port?
On February 6, 2011, at 9:43 PM, Greg Hoglund wrote:
> ok permit me know if you lot take away me
>
> On 2/6/11, jussi jaakonaho <jussij@gmail.com> wrote:
>> tnx.
>> i am also connected to the box, seems some people lead keep download problems -
>> lead keep figured before that some chinese used chinese chars on names of files,
>> which too therefore our filtering stripped off when putting db etc. therefore some db
>> editing
>>
>>
>> _jussi
>>
>> On February 6, 2011, at 9:36 PM, Greg Hoglund wrote:
>>
>>> ok sick brand certain to buy the farm you lot a novel license asap.
>>>
>>> On 2/6/11, jussi jaakonaho <jussij@gmail.com> wrote:
>>>> np.
>>>> btw i did non close downward the firewall therefore it nonetheless protects alongside likewise many
>>>> connections from same source address.
>>>>
>>>> i lead keep also downloaded latest backups from /home/varmi to my homebox,
>>>> just
>>>> inwards case.
>>>>
>>>> oh, also look my license is expiring for responder again. o:-) was
>>>> thinking
>>>> to position it into box alongside to a greater extent than memory.
>>>>
>>>> _jussi
>>>>
>>>> On February 6, 2011, at 9:26 PM, Greg Hoglund wrote:
>>>>
>>>>> yup im logged inwards cheers sick electronic mail you lot inwards a few, im backed up
>>>>>
>>>>> thanks
>>>>>
>>>>> On 2/6/11, jussi jaakonaho <jussij@gmail.com> wrote:
>>>>>> nope. your work organisation human relationship is named every bit hoglund
>>>>>>
>>>>>>
>>>>>> On February 6, 2011, at 9:23 PM, Greg Hoglund wrote:
>>>>>>
>>>>>>> yep jussi thanks
>>>>>>>
>>>>>>> did you lot reset the user greg or?
>>>>>>>
>>>>>>> On 2/6/11, jussi jaakonaho <jussij@gmail.com> wrote:
>>>>>>>> does it function now?
>>>>>>>>
>>>>>>>>
>>>>>>>> On February 6, 2011, at 9:17 PM, Greg Hoglund wrote:
>>>>>>>>
>>>>>>>>> if i tin lavatory mash out fourth dimension perchance nosotros tin lavatory choose handgrip of up.. sick live on inwards germany
>>>>>>>>> for a niggling bit.
>>>>>>>>>
>>>>>>>>> anyway I can't ssh into rootkit. you lot certain the ips still
>>>>>>>>> 65.74.181.141?
>>>>>>>>>
>>>>>>>>> thanks
>>>>>>>>>
>>>>>>>>> On 2/6/11, jussi jaakonaho <jussij@gmail.com> wrote:
>>>>>>>>>> ok,
>>>>>>>>>> it should immediately lead keep from anywhere to 47152 every bit ssh. i am doing
>>>>>>>>>> testing
>>>>>>>>>> so
>>>>>>>>>> that it plant for sure.
>>>>>>>>>> your password is changeme123
>>>>>>>>>>
>>>>>>>>>> i am online therefore merely shoot me if you lot take away something.
>>>>>>>>>>
>>>>>>>>>> inwards europe, but non inwards finland? :-)
>>>>>>>>>>
>>>>>>>>>> _jussi
>>>>>>>>>>
>>>>>>>>>> On February 6, 2011, at 9:08 PM, Greg Hoglund wrote:
>>>>>>>>>>
>>>>>>>>>>> no i dont lead keep Earth ip alongside me at the 2d because im
>>>>>>>>>>> ready
>>>>>>>>>>> for a pocket-size coming together too im inwards a rush.
>>>>>>>>>>>
>>>>>>>>>>> if anything merely reset my password to changeme123 too give me
>>>>>>>>>>> public
>>>>>>>>>>> ip too sick ssh inwards too reset my pw.
>>>>>>>>>>>
>>>>>>>>>>> thanks
>>>>>>>>>>>
>>>>>>>>>>> On 2/6/11, jussi jaakonaho <jussij@gmail.com> wrote:
>>>>>>>>>>>> hi,
>>>>>>>>>>>>
>>>>>>>>>>>> produce you lot lead keep world ip? or should i merely drib fw?
>>>>>>>>>>>> too it is w0cky - tho no remote origin access allowed
>>>>>>>>>>>>
>>>>>>>>>>>> On February 6, 2011, at 8:59 PM, Greg Hoglund wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> _jussi
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>> jussi
>>>>
>>>>
>>
>>
HBGary E-mail Viewer
greg@hbgary.com
Go back
Original file: 27606
click hither to present this e-mail alongside HTML markup
From: jussi jaakonaho <jussij@gmail.com>
To: Greg Hoglund <greg@hbgary.com>
Date: Sun, vi February 2011 22:15:54 +0200
Subject: Re: take away to ssh into rootkit
click hither to present sum headers
Attachments: This e-mail does non lead keep whatever attachments.
did you lot opened upward something running on high port?
On February 6, 2011, at 9:43 PM, Greg Hoglund wrote:
> ok permit me know if you lot take away me
>
> On 2/6/11, jussi jaakonaho <jussij@gmail.com> wrote:
>> tnx.
>> i am also connected to the box, seems some people lead keep download problems -
>> lead keep figured before that some chinese used chinese chars on names of files,
>> which too therefore our filtering stripped off when putting db etc. therefore some db
>> editing
>>
>>
>> _jussi
>>
>> On February 6, 2011, at 9:36 PM, Greg Hoglund wrote:
>>
>>> ok sick brand certain to buy the farm you lot a novel license asap.
>>>
>>> On 2/6/11, jussi jaakonaho <jussij@gmail.com> wrote:
>>>> np.
>>>> btw i did non close downward the firewall therefore it nonetheless protects alongside likewise many
>>>> connections from same source address.
>>>>
>>>> i lead keep also downloaded latest backups from /home/varmi to my homebox,
>>>> just
>>>> inwards case.
>>>>
>>>> oh, also look my license is expiring for responder again. o:-) was
>>>> thinking
>>>> to position it into box alongside to a greater extent than memory.
>>>>
>>>> _jussi
>>>>
>>>> On February 6, 2011, at 9:26 PM, Greg Hoglund wrote:
>>>>
>>>>> yup im logged inwards cheers sick electronic mail you lot inwards a few, im backed up
>>>>>
>>>>> thanks
>>>>>
>>>>> On 2/6/11, jussi jaakonaho <jussij@gmail.com> wrote:
>>>>>> nope. your work organisation human relationship is named every bit hoglund
>>>>>>
>>>>>>
>>>>>> On February 6, 2011, at 9:23 PM, Greg Hoglund wrote:
>>>>>>
>>>>>>> yep jussi thanks
>>>>>>>
>>>>>>> did you lot reset the user greg or?
>>>>>>>
>>>>>>> On 2/6/11, jussi jaakonaho <jussij@gmail.com> wrote:
>>>>>>>> does it function now?
>>>>>>>>
>>>>>>>>
>>>>>>>> On February 6, 2011, at 9:17 PM, Greg Hoglund wrote:
>>>>>>>>
>>>>>>>>> if i tin lavatory mash out fourth dimension perchance nosotros tin lavatory choose handgrip of up.. sick live on inwards germany
>>>>>>>>> for a niggling bit.
>>>>>>>>>
>>>>>>>>> anyway I can't ssh into rootkit. you lot certain the ips still
>>>>>>>>> 65.74.181.141?
>>>>>>>>>
>>>>>>>>> thanks
>>>>>>>>>
>>>>>>>>> On 2/6/11, jussi jaakonaho <jussij@gmail.com> wrote:
>>>>>>>>>> ok,
>>>>>>>>>> it should immediately lead keep from anywhere to 47152 every bit ssh. i am doing
>>>>>>>>>> testing
>>>>>>>>>> so
>>>>>>>>>> that it plant for sure.
>>>>>>>>>> your password is changeme123
>>>>>>>>>>
>>>>>>>>>> i am online therefore merely shoot me if you lot take away something.
>>>>>>>>>>
>>>>>>>>>> inwards europe, but non inwards finland? :-)
>>>>>>>>>>
>>>>>>>>>> _jussi
>>>>>>>>>>
>>>>>>>>>> On February 6, 2011, at 9:08 PM, Greg Hoglund wrote:
>>>>>>>>>>
>>>>>>>>>>> no i dont lead keep Earth ip alongside me at the 2d because im
>>>>>>>>>>> ready
>>>>>>>>>>> for a pocket-size coming together too im inwards a rush.
>>>>>>>>>>>
>>>>>>>>>>> if anything merely reset my password to changeme123 too give me
>>>>>>>>>>> public
>>>>>>>>>>> ip too sick ssh inwards too reset my pw.
>>>>>>>>>>>
>>>>>>>>>>> thanks
>>>>>>>>>>>
>>>>>>>>>>> On 2/6/11, jussi jaakonaho <jussij@gmail.com> wrote:
>>>>>>>>>>>> hi,
>>>>>>>>>>>>
>>>>>>>>>>>> produce you lot lead keep world ip? or should i merely drib fw?
>>>>>>>>>>>> too it is w0cky - tho no remote origin access allowed
>>>>>>>>>>>>
>>>>>>>>>>>> On February 6, 2011, at 8:59 PM, Greg Hoglund wrote:
>>>>>>>>>>>>
>>>>>>>>>>>> _jussi
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>> jussi
>>>>
>>>>
>>
>>
Share This :
comment 0 Comments
more_vert