Date: Thu, 26 Jul 2001 22:42:49 -0700 From: "Ted Mittelstaedt" <tedm@toybox.placo.com> To: "Kris Kennaway" <kris@obsecurity.org> Cc: "Shawn Ramsey" <shawn@megadeth.org>, <questions@FreeBSD.ORG> Subject: RE: telnetd problem? Message-ID: <004f01c1165e$f8a22f80$1401a8c0@tedm.placo.com> In-Reply-To: <20010726040113.A41239@xor.obsecurity.org>
next in thread | previous in thread | raw e-mail | index | archive | help
The way he posted it I read it as immediately after applying the patches that telnetd started having problems. That would point to a patch being the problem, it would be far too coincidental for him to have made his patches precisely as a large scale attack started on the Internet. But I agree that you could read it differently in that it could be that the problem started not immediately but just right around that time, in which case your correct in that he would need to temporarily replace his new telnetd with the old one to see if the problems went away in order to get an exact pinpoint. Ted Mittelstaedt tedm@toybox.placo.com Author of: The FreeBSD Corporate Networker's Guide Book website: http://www.freebsd-corp-net-guide.com >-----Original Message----- >From: Kris Kennaway [mailto:kris@obsecurity.org] >Sent: Thursday, July 26, 2001 4:01 AM >To: Ted Mittelstaedt >Cc: Kris Kennaway; Shawn Ramsey; questions@FreeBSD.ORG >Subject: Re: telnetd problem? > > >On Thu, Jul 26, 2001 at 02:24:06AM -0700, Ted Mittelstaedt wrote: >> That's a bandaid. He stated that the problem wasn't happening until >> he updated to the new code, so obviously a patch they put into the >> telnetd broke something. > >No, Ted, that's not obvious. Exploitation of this problem has become >much more widespread since the public distribution of the exploit code >yesterday. The poster hasn't shown that there's a problem >inconsistent with lots of people throwing data at his telnetd trying >to exploit it. > >Kris > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?004f01c1165e$f8a22f80$1401a8c0>