From owner-freebsd-security Thu Sep 10 23:05:29 1998
Message-ID: <35F8BF78.4C32DBEF@rezidew.net>
Date: Fri, 11 Sep 1998 01:13:12 -0500
From: Graphic Rezidew
Organization: rezidew.net
X-Mailer: Mozilla 4.04 [en] (X11; I; FreeBSD 2.2.7-RELEASE i386)
To: freebsd-security@FreeBSD.ORG
Subject: sshd

OK, now I am just a little bit concerned about this (maybe I'm overlooking something that's REALLY obvious).

I installed the ssh port from 2.2.5. I had set up tcp wrappers and noticed that none of the rules for ssh were working, so I took the line for it out of /etc/inetd.conf. The next day I noticed that a 'netstat -a' revealed that sshd was running on port 22 of my machine.

I have done "grep ssh /etc/*" and come back with only the entry in /etc/services and the rules in /etc/hosts.deny and /etc/hosts.allow. I manually went through the /etc/rc.local and found no entry for anything called *ssh*.

Until I can get this figured out, I have decided to 'chmod 000 /usr/local/sbin/sshd'. Any help in locating the rogue execution of sshd would be greatly appreciated.

--
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Rules for driving in New York:
(1) Anything done while honking your horn is legal.
(2) You may park anywhere if you turn your four-way flashers on.
(3) A red light means the next six cars may go through the intersection.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Graphic Rezidew
Graphic@rezidew.net
http://Graphic.Rezidew.net