From owner-freebsd-questions  Mon May  3 12:58:36 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from resnet.uoregon.edu (resnet.uoregon.edu [128.223.144.32])
	by hub.freebsd.org (Postfix) with ESMTP id A30B6154B5
	for <freebsd-questions@FreeBSD.ORG>; Mon,  3 May 1999 12:58:31 -0700 (PDT)
	(envelope-from dwhite@resnet.uoregon.edu)
Received: from localhost (dwhite@localhost)
          by resnet.uoregon.edu (8.8.8/8.8.8) with ESMTP id MAA02762;
          Mon, 3 May 1999 12:58:19 -0700 (PDT)
          (envelope-from dwhite@resnet.uoregon.edu)
Date: Mon, 3 May 1999 12:58:18 -0700 (PDT)
From: Doug White <dwhite@resnet.uoregon.edu>
To: Ben Pepa <bpepa@msn.bc.ca>
Cc: freebsd-questions@FreeBSD.ORG, bpepa@sd40.bc.ca
Subject: Re: hacking attempts
In-Reply-To: <Pine.BSF.4.05.9905020120140.347-100000@msn.bc.ca>
Message-ID: <Pine.BSF.4.03.9905031257000.20321-100000@resnet.uoregon.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sun, 2 May 1999, Ben Pepa wrote:

> Today we had several breakins to at least 3 servers in which a
> mallisouis person used our servers to ping of death whole networks and
> other attacks to  others networks (not our own) and also had several irc
> bots running through out the night.
> 
> My question:  Is there some way to take advantage of sshd to gain access?

Very, very old versions of ssh did have a potential problem.  Most likely
the used some other path, probably imap.  (We had a breakin through imap a
while back.)

Doug White                               
Internet:  dwhite@resnet.uoregon.edu    | FreeBSD: The Power to Serve
http://gladstone.uoregon.edu/~dwhite    | www.freebsd.org



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message