From owner-freebsd-hackers Mon Jun 24 10:37:22 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id KAA10320 for hackers-outgoing; Mon, 24 Jun 1996 10:37:22 -0700 (PDT) Received: from gvr.win.tue.nl (root@gvr.win.tue.nl [131.155.210.19]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id KAA10284; Mon, 24 Jun 1996 10:37:12 -0700 (PDT) Received: by gvr.win.tue.nl (8.6.12/1.53) id TAA16762; Mon, 24 Jun 1996 19:34:08 +0200 From: guido@gvr.win.tue.nl (Guido van Rooij) Message-Id: <199606241734.TAA16762@gvr.win.tue.nl> Subject: Re: I need help on this one - please help me track this guy down! To: narvi@haldjas.folklore.ee (Narvi) Date: Mon, 24 Jun 1996 19:34:07 +0200 (MET DST) Cc: terry@lambert.org, jkh@time.cdrom.com, hackers@freebsd.org, security@freebsd.org, ache@freebsd.org In-Reply-To: from Narvi at "Jun 24, 96 08:05:05 pm" X-Mailer: ELM [version 2.4ME+ PL17 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > > Now are there some more things someone who's system was breaked into > could look for? Perhaps some passwords should be switched to S/Key - > it should be possible to generate them on a remote machine and then > install? > Another good idea is to start using the /etc/login.access file. For me, all logins will orginate from a small set of machines... -Guido