Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 28 Jul 1997 22:15:02 -0700 (PDT)
From:      Vincent Poy <vince@mail.MCESTATE.COM>
To:        "Jordan K. Hubbard" <jkh@time.cdrom.com>
Cc:        security@FreeBSD.ORG, "[Mario1-]" <mario1@PrimeNet.Com>, JbHunt <johnnyu@accessus.net>
Subject:   Re: security hole in FreeBSD 
Message-ID:  <Pine.BSF.3.95.970728221051.3844p-100000@mail.MCESTATE.COM>
In-Reply-To: <6647.870152743@time.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Mon, 28 Jul 1997, Jordan K. Hubbard wrote:

=)> =)That proves absolutely nothing.  You think I can't hack a telnetd to
=)> =)provide multiple "services?"  Wake up, Vinnie! :-)
=)> 
=)> 	Ofcourse you could but you're not in the same type of hacking
=)> business this guy is in.  This is a log of a irc chat session.
=)
=)My essential point remains unchanged.  You can trust NONE of the
=)binaries on your system now and it's strongly suggested that you
=)reinstall whatever you cannot, through mtree/tripwire database checks,
=)verify as absolutely pristine.  I also suggest that you guys invest in
=)a CDR drive and use it for periodic construction of trusted backup
=)images.  For an ISP, the cost/benefit ration is definitely there.

	I know what you mean about the CDR drive.  It's not that we had a
choice since all of us are just volunteers running the system remotely.
I'm planning to reinstall all the binaries anyways but it's kind of hard
when I'm in Northern California and the owners are out of the country for
2-4 months leaving the machines in the closet totally unattended.  I know
/bin/sh and /bin/csh has been wiped so I need to be able to guide someone
through how to use the floppy to copy the files back to the hd and then
I'll fix it from there.  Also, another thing is this ISP was free for the
last 2 years until recently so maybe that's why the owners didn't put
money into it but into other stuff instead.

Cheers,
Vince - vince@MCESTATE.COM - vince@GAIANET.NET           ________   __ ____ 
Unix Networking Operations - FreeBSD-Real Unix for Free / / / / |  / |[__  ]
GaiaNet Corporation - M & C Estate                     / / / /  | /  | __] ]  
Beverly Hills, California USA 90210                   / / / / / |/ / | __] ]
HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____]

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.970728221051.3844p-100000>