Date: Mon, 06 May 2002 16:11:02 -0700 From: "Dylan A. Reinhold" <Dylan@ocnetworking.com> To: security@freebsd.org Subject: Re: Telent Exploit Message-ID: <3CD70D86.872C3337@ocnetworking.com> References: <3CD6D3A2.1CC77A9B@ocnetworking.com> <20020506132502.D59402@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Kris Kennaway wrote: > On Mon, May 06, 2002 at 12:04:02PM -0700, Dylan A. Reinhold wrote: > > I think I just got hit with a telent exploit. I noticed some network > > activity on my cable modem, Logged in my gateway ran 'w' no one else but > >-------------SNIP ---------------SNIP----------------->>>>>>>>>>>>>>> > > > Im running stable what gives???? The worst part was I only had Telnet > > enabled for 3 hours.... > > Why do you think you were exploited? The above only shows people > connecting to the port. If you don't want people doing that, don't > allow them to. > > Kris When I saw the network activity and ran top, 'telnetd' was running something like 18% of the CPU with no visible users from 'who'. So I killed the telnetd pid, and all the traffic stopped. Then I looked at the security log the last entry was 15 minutes from when I killed 'telnetd'. Thanks, Dylan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3CD70D86.872C3337>