Date: Sun, 23 Jun 1996 23:29:30 -0700 From: "Jordan K. Hubbard" <jkh@time.cdrom.com> To: guido@gvr.win.tue.nl (Guido van Rooij) Cc: hackers@freebsd.org, security@freebsd.org, ache@freebsd.org Subject: Re: I need help on this one - please help me track this guy down! Message-ID: <10326.835597770@time.cdrom.com> In-Reply-To: Your message of "Mon, 24 Jun 1996 08:25:32 %2B0200." <199606240625.IAA11793@gvr.win.tue.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
> Do you have anti-spoof filter rules in your backbone router? If not > install them. If so, please add packets coming in from localhost How do you install such things on a cisco 2500? :-) Seriously, if there's a way then I can get someone from cisco to help me out, but I first need to know that it's even a reasonable request. > to them. I don't know why he got in, but you can suspect rlogin plus > a localhost entry in host.equiv combined with source routed packets. Hmmm. We have reason to believe that he *didn't* get root (though we're still assuming he did, just to be paranoid) and if the mod times can be trusted, hosts.equiv hasn't been touched in many months (and localhost is commented out). Jordan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?10326.835597770>