From owner-freebsd-security  Mon Jul 28 22:15:19 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id WAA09699
          for security-outgoing; Mon, 28 Jul 1997 22:15:19 -0700 (PDT)
Received: from mail.MCESTATE.COM (vince@mail.MCESTATE.COM [207.211.200.50])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id WAA09693
          for <security@FreeBSD.ORG>; Mon, 28 Jul 1997 22:15:16 -0700 (PDT)
Received: from localhost (vince@localhost)
	by mail.MCESTATE.COM (8.8.5/8.8.5) with SMTP id WAA08350;
	Mon, 28 Jul 1997 22:15:04 -0700 (PDT)
Date: Mon, 28 Jul 1997 22:15:02 -0700 (PDT)
From: Vincent Poy <vince@mail.MCESTATE.COM>
To: "Jordan K. Hubbard" <jkh@time.cdrom.com>
cc: security@FreeBSD.ORG, "[Mario1-]" <mario1@PrimeNet.Com>,
        JbHunt <johnnyu@accessus.net>
Subject: Re: security hole in FreeBSD 
In-Reply-To: <6647.870152743@time.cdrom.com>
Message-ID: <Pine.BSF.3.95.970728221051.3844p-100000@mail.MCESTATE.COM>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Mon, 28 Jul 1997, Jordan K. Hubbard wrote:

=)> =)That proves absolutely nothing.  You think I can't hack a telnetd to
=)> =)provide multiple "services?"  Wake up, Vinnie! :-)
=)> 
=)> 	Ofcourse you could but you're not in the same type of hacking
=)> business this guy is in.  This is a log of a irc chat session.
=)
=)My essential point remains unchanged.  You can trust NONE of the
=)binaries on your system now and it's strongly suggested that you
=)reinstall whatever you cannot, through mtree/tripwire database checks,
=)verify as absolutely pristine.  I also suggest that you guys invest in
=)a CDR drive and use it for periodic construction of trusted backup
=)images.  For an ISP, the cost/benefit ration is definitely there.

	I know what you mean about the CDR drive.  It's not that we had a
choice since all of us are just volunteers running the system remotely.
I'm planning to reinstall all the binaries anyways but it's kind of hard
when I'm in Northern California and the owners are out of the country for
2-4 months leaving the machines in the closet totally unattended.  I know
/bin/sh and /bin/csh has been wiped so I need to be able to guide someone
through how to use the floppy to copy the files back to the hd and then
I'll fix it from there.  Also, another thing is this ISP was free for the
last 2 years until recently so maybe that's why the owners didn't put
money into it but into other stuff instead.

Cheers,
Vince - vince@MCESTATE.COM - vince@GAIANET.NET           ________   __ ____ 
Unix Networking Operations - FreeBSD-Real Unix for Free / / / / |  / |[__  ]
GaiaNet Corporation - M & C Estate                     / / / /  | /  | __] ]  
Beverly Hills, California USA 90210                   / / / / / |/ / | __] ]
HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____]