From owner-freebsd-questions Sat Feb 20 9:54:46 1999 Delivered-To: freebsd-questions@freebsd.org Received: from server03.net-all.com.br (server-03.net-all.com.br [200.245.195.5]) by hub.freebsd.org (Postfix) with ESMTP id 37AED11836 for ; Sat, 20 Feb 1999 09:54:21 -0800 (PST) (envelope-from jcds@brasmail.com.br) Received: from server03 (server03.net-all.com.br [127.0.0.1]) by server03.net-all.com.br (Post.Office MTA v3.5.3 release 223 ID# 0-0U10L2S100V35) with SMTP id br; Sat, 20 Feb 1999 15:54:21 -0200 From: "Jose Carlos da Silva" Organization: ALLNET! Internet To: freebsd-questions@FreeBSD.ORG, Patrick Seal Date: Sat, 20 Feb 1999 15:54:20 -0200 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Re: I've been hacked! Reply-To: jcds@brasmail.com.br In-reply-to: X-mailer: Pegasus Mail for Win32 (v3.01d) Message-Id: <19990220175435.37AED11836@hub.freebsd.org> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Patrick, Em 20 Feb 99, voce escreveu: > What can i do? Probably you're not in risk at all. Somebody tried to connect to your FreeBSD machine using TELNET and he/she also tried to login as root. First of all, you should make sure that the TELNET channels are not maked as secure int eh /etc/ttys file. Next you should consider using TCP WRAPPERS or upgrading your FreeBSD instalation. Both solutions will allow you to log the IP address of the attacker, so you can call his/her service provider to complaint about the facts. Regards, o-----------------( Jose Carlos da Silva )-----------------o | Administrador de Rede - WebMaster - jcds@brasmail.com.br | | ALLNET! Provedor Internet http://www.allnet.com.br | | Brasmail Internet Services http://www.brasmail.com.br | | Central Brasileira de Listas http://www.listas.nu | | Sao Paulo - SP - Brasil Fone: (011)3061-0088 | o----------------------------------------------------------o To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message