Date: Wed, 22 Jul 1998 09:01:49 +0200 From: Frank Nobis <fn@radio-do.de> To: "Jordan K. Hubbard" <jkh@time.cdrom.com>, "Lee Crites (ASC)" <leec@adam.adonai.net> Cc: Drew Derbyshire <ahd@kew.com>, security@FreeBSD.ORG Subject: Re: hacked and don't know why Message-ID: <19980722090149.A877@radio-do.de> In-Reply-To: <11754.901084742@time.cdrom.com>; from Jordan K. Hubbard on Tue, Jul 21, 1998 at 10:19:02PM -0700 References: <Pine.BSF.3.96.980721185446.5721A-100000@adam.adonai.net> <11754.901084742@time.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jul 21, 1998 at 10:19:02PM -0700, Jordan K. Hubbard wrote: > > This is almost a frightening message. We were hacked like this > > two weeks ago. How frequently are FreeBSD systems getting hacked > > into? Is there even anyone who has stats on this kind of thing? > > Not frightening, just depressing because once you investigate these > incidents you find that in 99.9% of the cases, it was down to one of > two things: > > 1. A security hole introduced through bad administration (someone > fumble-fingers a firewall config and now suddenly the entire net is > open to the outside). > > 2. A well-known security hole that has been announced on Bugtrax and > other places but is not closed by the local admins. That is exactly the point. A few days after the qpopper exloit has been published on buqtraq, I monitored a few hack attempts at my gateway. Good for me that I installed the patched version of qpopper one day before. Frank -- Frank Nobis Email: PGP AVAILABLE Landgrafenstr. 130 dg3dcn http://www.radio-do.de/~fn/ 44139 Dortmund Powered by FreeBSD To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980722090149.A877>