From owner-freebsd-security  Mon Jul 28 22:06:01 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id WAA08873
          for security-outgoing; Mon, 28 Jul 1997 22:06:01 -0700 (PDT)
Received: from time.cdrom.com (root@time.cdrom.com [204.216.27.226])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id WAA08861
          for <security@FreeBSD.ORG>; Mon, 28 Jul 1997 22:05:47 -0700 (PDT)
Received: from time.cdrom.com (jkh@localhost.cdrom.com [127.0.0.1]) by time.cdrom.com (8.8.6/8.6.9) with ESMTP id WAA06651; Mon, 28 Jul 1997 22:05:43 -0700 (PDT)
To: Vincent Poy <vince@mail.MCESTATE.COM>
cc: security@FreeBSD.ORG, "[Mario1-]" <mario1@PrimeNet.Com>,
        JbHunt <johnnyu@accessus.net>
Subject: Re: security hole in FreeBSD 
In-reply-to: Your message of "Mon, 28 Jul 1997 17:03:19 PDT."
             <Pine.BSF.3.95.970728170156.3844H-100000@mail.MCESTATE.COM> 
Date: Mon, 28 Jul 1997 22:05:43 -0700
Message-ID: <6647.870152743@time.cdrom.com>
From: "Jordan K. Hubbard" <jkh@time.cdrom.com>
Sender: owner-freebsd-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

> =)That proves absolutely nothing.  You think I can't hack a telnetd to
> =)provide multiple "services?"  Wake up, Vinnie! :-)
> 
> 	Ofcourse you could but you're not in the same type of hacking
> business this guy is in.  This is a log of a irc chat session.

My essential point remains unchanged.  You can trust NONE of the
binaries on your system now and it's strongly suggested that you
reinstall whatever you cannot, through mtree/tripwire database checks,
verify as absolutely pristine.  I also suggest that you guys invest in
a CDR drive and use it for periodic construction of trusted backup
images.  For an ISP, the cost/benefit ration is definitely there.

				Jordan