From owner-freebsd-newbies  Thu Oct 11 13:37:30 2001
Delivered-To: freebsd-newbies@freebsd.org
Received: from isua2.iastate.edu (isua2.iastate.edu [129.186.1.202])
	by hub.freebsd.org (Postfix) with ESMTP id CA1ED37B405
	for <freebsd-newbies@FreeBSD.ORG>; Thu, 11 Oct 2001 13:37:27 -0700 (PDT)
Received: from localhost (legg@localhost)
	by isua2.iastate.edu (8.8.8/8.8.5) with SMTP id PAA16921
	for <freebsd-newbies@FreeBSD.ORG>; Thu, 11 Oct 2001 15:37:26 -0500 (CDT)
Date: Thu, 11 Oct 2001 15:37:26 -0500 (CDT)
From: <legg@iastate.edu>
To: freebsd-newbies@FreeBSD.ORG
Subject: 4.3-RELEASE Security Issues
In-Reply-To: <200110111525.AA1671037056@stmail.pace.edu>
Message-ID: <Pine.OSF.3.95.1011011152532.8342C-100000@isua2.iastate.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-newbies@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-newbies.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-newbies>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-newbies>
X-Loop: FreeBSD.org

Just last week, After only being up for 80 minutes, my machine was
vandalized all the way from Romania, before I disabled telnetd as
recommended by:

ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.v1.1.asc

I am not sure how this person got in, as my logs were deleted, but I am
guessing it was through the telnetd vulnerability.  I had to reinstall. 
Other than disabling this service, are there any other holes that a box on
the network may be vurnerable to? 

Right now I just got reinstalled, and I have been online only long enough
to test my network.  Afraid to get back on the network now.

Timothy D Legg
legg@iastate.edu


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-newbies" in the body of the message