From owner-freebsd-stable  Wed Nov 29  0:29: 5 2000
Delivered-To: freebsd-stable@freebsd.org
Received: from dns.comrax.com (dns.comrax.com [194.90.246.124])
	by hub.freebsd.org (Postfix) with ESMTP
	id 3735637B401; Wed, 29 Nov 2000 00:29:00 -0800 (PST)
Received: from NOOR (unknown [156.27.243.27])
	by dns.comrax.com (Postfix) with SMTP
	id B6C4212C566; Wed, 29 Nov 2000 10:26:06 +0200 (IST)
From: "Noor Dawod" <noor@comrax.com>
To: "Kris Kennaway" <kris@FreeBSD.ORG>, "Henk Wevers" <wevers@cg.nu>
Cc: <freebsd-security@FreeBSD.ORG>, <freebsd-stable@FreeBSD.ORG>
Subject: RE: FreeBSD hacked?
Date: Wed, 29 Nov 2000 10:22:49 +0200
Message-ID: <PHEBIOJOBJJLIIJCOINKIENPCNAA.noor@comrax.com>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700
Importance: Normal
In-Reply-To: <20001128161324.A89746@citusc17.usc.edu>
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Hi Kris and all,

Since I'm amongst others that use FreeBSD as their chosen and trusted
OS, I would like to know, if possible, how the system was compromised?

Thanks in advance.

Noor

-----Original Message-----
From: owner-freebsd-stable@FreeBSD.ORG
[mailto:owner-freebsd-stable@FreeBSD.ORG]On Behalf Of Kris Kennaway
Sent: Wednesday, November 29, 2000 2:13 AM
To: Henk Wevers
Cc: freebsd-security@FreeBSD.ORG; freebsd-stable@FreeBSD.ORG
Subject: Re: FreeBSD hacked?


On Tue, Nov 28, 2000 at 10:28:33PM +0100, Henk Wevers wrote:
>
>
>
> FreeBSD got a new Security Officer
>
> Nohican and {} would like to wish the new Security Officer (Kris) good
luck
> on his new job. We are sure you will do a great job!
>
> Look at the bottom of http://freebsd.org.index.html

Yes, I can confirm this happened last night. We were immediately
informed by those who did it including how it was achieved. The
penetration mechanism was not a vulnerability in FreeBSD and was
corrected immediately. While we don't believe that any malicious
activity took place while the machine was compromised, we've taken
steps to sanitize things anyway.

Kris

P.S. This kind of thing would have been better sent to
security-officer..for example, it's off-topic for -stable.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message