Date: Sat, 17 Oct 1998 12:18:26 -0500 (CDT) From: "Yong S. Yi" <ysyi@async.org> To: Oleg Semenyuk <olegs@matrix.ru> Cc: olegs@crocodile.matrix.ru, questions@FreeBSD.ORG Subject: Re: FreeBSD-2.2.6 telnet, telnetd, rlogind - size of programm Message-ID: <Pine.LNX.3.96.981017121338.30952A-100000@azazel.async.org> In-Reply-To: <Pine.BSI.3.96.SK.981017143320.24978A-100000@ns.matrix.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 17 Oct 1998, Oleg Semenyuk wrote: >Hello all, > >I check now size of some programms on FreeBSD-2.2.6 and see that >size of telnet, telnetd, rlogind, rshd and some other programms different >for my home computer and one of work servers. ls -al for this programms, >for example: > >-r-xr-xr-x bin bin 45056 Mar 25 telnetd at work >-r-xr-xr-x bin bin 49152 Mar 25 telnetd at home > >nm /usr/libexec/telnetd say "no name list", and I don't know how >investigate this problem. > >I installed FreeBSD-2.2.6 on both servers at Apr 98 and Sep 98, source >from ftp.freebsd.org. > >Please answer about this problem. Does it mean that one of server >vulnerable? Well, if these are binaries straight from the installation sets, then perhaps. If you rebuilt your system from source code, then it may have compiled telnetd with different libs, etc, due to differing configurations. I believe 2.2.6 is "out-of-the-box" vulnerable to the QPOP bug (check inetd.conf), so it is very possible that someone could have obtained illegal access to the machine this way or another, and installed a telnetd backdoor. Staying up-to-date with security information is not a bad idea. At the least, check with FreeBSD's errata list at www.FreeBSD.org, and fix any known bugs (at the least, security bugs). Good luck. -ysyi To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.3.96.981017121338.30952A-100000>