From owner-freebsd-questions  Wed Aug  1 14:10: 9 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from obsecurity.dyndns.org (adsl-63-207-60-80.dsl.lsan03.pacbell.net [63.207.60.80])
	by hub.freebsd.org (Postfix) with ESMTP id 94D2A37B401
	for <freebsd-questions@freebsd.org>; Wed,  1 Aug 2001 14:10:03 -0700 (PDT)
	(envelope-from kris@obsecurity.org)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id 8A00966D5B; Wed,  1 Aug 2001 14:10:02 -0700 (PDT)
Date: Wed, 1 Aug 2001 14:10:02 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: Jahanur R Subedar <jahanur@zeetelecom.com>
Cc: Kris Kennaway <kris@obsecurity.org>,
	freebsd-questions <freebsd-questions@freebsd.org>
Subject: Re: telnetd missing
Message-ID: <20010801141001.B81543@xor.obsecurity.org>
References: <20010731121809.E34978@xor.obsecurity.org> <NFBBJFIAKLFPCJIFCKPFIEAFCAAA.jahanur@zeetelecom.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
	protocol="application/pgp-signature"; boundary="wq9mPyueHGvFACwf"
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <NFBBJFIAKLFPCJIFCKPFIEAFCAAA.jahanur@zeetelecom.com>; from jahanur@zeetelecom.com on Tue, Jul 31, 2001 at 02:43:34PM -0500
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG


--wq9mPyueHGvFACwf
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Tue, Jul 31, 2001 at 02:43:34PM -0500, Jahanur R Subedar wrote:
> The last does not show anykind report of unusual login.
> Is there anyother I can trace it.

Maybe, but it's impossible to guess.  Chances are they excised the
records which show them penetrating the system..your only hope is if
they forgot something, but it's not something this group can easily
help you with.  If you're really interested in tracking this down,
look for one of the guides on post-intrusion forensics on the web.

Kris

--wq9mPyueHGvFACwf
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE7aHApWry0BWjoQKURAg65AKD5gvnJEOIkqk8WnS6+EbZW/d/tqgCg9PAn
duEtsZ0eg/mfytyncAkaLxQ=
=zTiJ
-----END PGP SIGNATURE-----

--wq9mPyueHGvFACwf--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message