From owner-freebsd-questions Fri Sep 21 9: 6:33 2001 Delivered-To: freebsd-questions@freebsd.org Received: from relay.freedom.net (relay.freedom.net [207.107.115.209]) by hub.freebsd.org (Postfix) with SMTP id 5AD2337B41A for ; Fri, 21 Sep 2001 09:06:28 -0700 (PDT) Received: (qmail 14207 invoked from network); 21 Sep 2001 16:06:27 -0000 Received: from unknown (192.168.81.104) by 0 with QMQP; 21 Sep 2001 16:06:27 -0000 Received: ; 21 Sep 2001 16:06:27 -0000 Received: from unknown by superman with QMQP; 21 Sep 2001 16:06:27 -0000 Received: from unknown by spiderman with SMTP; 21 Sep 2001 16:06:27 -0000 X-Freedom-Envelope-Sig: freebsd-questions@FreeBSD.ORG AQE0WT5sj4cTw0sqm6NlCYCsz6ZoPI+Nh+hcpPM2BhE4bg96BeIZnlyg Old-From: ybbor@freedom.net To: Subject: Freebsd being hacked Date: Fri, 21 Sep 2001 09:06:01 -0700 MIME-Version: 1.0 Content-Type: multipart/alternative; boundary = "----=_NextPart_000_0005_01C1427C.A2DE9A80" From: ybbor@freedom.net Message-Id: <20010921160628.5AD2337B41A@hub.freebsd.org> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Zero-Knowledge MIME Encapsulated Message ------=_NextPart_000_0005_01C1427C.A2DE9A80 Content-Type: text/plain; charset = "iso-8859-1" Content-Transfer-Encoding: quoted-printable Hello, I have a Breebsd server. It was running freebsd 3.x(not exactly sure) = and last week somone used that telnet exploit. so i ran that patch on = your site. then i downloaded the freebsd 4.4 iso and upgraded my = system. =20 Today i try to log in to my computer and i can't telnet in to it. So i = went to the box, and i can't log in to it. on the screen it says there = was an 'su pop to toor'. and that the kernel log was full. it looks = like i was hacked, so i unpluged the comptuer from the network and now i = don't know what to do. =20 how do i log in to a comptuer if someone changed the root password and = disabled every other account? thanks -Robby Ticknor ________________________________________________________________________ Protect your privacy! - Get Freedom 2.0 at http://www.freedom.net ------=_NextPart_000_0005_01C1427C.A2DE9A80 Content-Type: text/html; charset = "iso-8859-1" Content-Transfer-Encoding: quoted-printable
Hello,
 
I have a Breebsd server.  It was = running=20 freebsd 3.x(not exactly sure) and last week somone used that telnet=20 exploit.  so i ran that patch on your site.  then i downloaded = the=20 freebsd 4.4 iso and upgraded my system. 
 
Today i try to log in to my computer = and i can't=20 telnet in to it.  So i went to the box, and i can't log in to = it.  on=20 the screen it says there was an 'su pop to toor'.  and that the = kernel log=20 was full.  it looks like i was hacked, so i unpluged the comptuer = from the=20 network and now i don't know what to do. 
 
how do i log in to a comptuer if = someone changed=20 the root password and disabled every other account?
 
thanks
-Robby = Ticknor

________________________________________________________________________
Protect your privacy! - Get Freedom 2.0 at http://www.freedom.net

------=_NextPart_000_0005_01C1427C.A2DE9A80-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message