Date: Mon, 28 Jul 1997 15:10:35 -0700 From: "Jordan K. Hubbard" <jkh@time.cdrom.com> To: Vincent Poy <vince@mail.MCESTATE.COM> Cc: security@FreeBSD.ORG, "[Mario1-]" <mario1@PrimeNet.Com>, JbHunt <johnnyu@accessus.net> Subject: Re: security hole in FreeBSD Message-ID: <4908.870127835@time.cdrom.com> In-Reply-To: Your message of "Mon, 28 Jul 1997 03:19:55 PDT." <Pine.BSF.3.95.970728031228.3844A-100000@mail.MCESTATE.COM>
next in thread | previous in thread | raw e-mail | index | archive | help
I think you are describing the symptom, not the problem. This looks very much like a system which was broken into and then trojan'd to allow easier, more invisible access. How do you know, for example, that your telnetd is really telnetd? Did you verify that? ;) Also, I'd check that inetd.conf file again and make _really sure_ you haven't left remote shell access enabled - a lot of people miss that because it's not explicitly labelled "rlogin" like they might expect. Jordan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4908.870127835>