From owner-freebsd-security Thu Jul 26 7: 7: 4 2001 Delivered-To: freebsd-security@freebsd.org Received: from federation.addy.com (addy.com [208.11.142.20]) by hub.freebsd.org (Postfix) with ESMTP id 3A5B137B401 for ; Thu, 26 Jul 2001 07:07:01 -0700 (PDT) (envelope-from jim@federation.addy.com) Received: from localhost (jim@localhost) by federation.addy.com (8.9.3/8.9.3) with ESMTP id KAA24396 for ; Thu, 26 Jul 2001 10:06:38 -0400 (EDT) (envelope-from jim@federation.addy.com) Date: Thu, 26 Jul 2001 10:06:38 -0400 (EDT) From: Jim Sander Cc: FreeBSD Security Subject: Re: Telnet exploit & 3.4-RELEASE In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org With all the trouble people seem to be having with this issue- let me run this by people more "in the know" and see if they think it is likely to fix things at all... 1) built up a "new" 3.x box locally, and installed the source (my production boxes don't have full source) 2) applied the patch and built the new telnetd (it's 2K smaller than the original, so I know *something* changed) 3) copied the binary over to the production systems "manually." 4) restarted inetd Telnet definitely functions, and the exploit doesn't seem to succeed- but then it didn't work before either, so who knows for sure. (I'm probably just using it improperly) It seems to me that this should confuse at least the basest script-kiddies, and really that's what I'm most worried about. The patch seems to involve only telnetd iteself, so my gut says I'm golden. (or at least bronzed) Comments? -=Jim=- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message