Date: Wed, 5 Dec 2001 16:46:29 +1100 (EST) From: Warren Toomey <wkt@minnie.tuhs.org> To: freebsd-security@freebsd.org Subject: Strange request, telnetd exploit Message-ID: <200112050546.fB55kTf46559@minnie.tuhs.org>
next in thread | raw e-mail | index | archive | help
Hi all, This is a strange request. I'm giving a network programming course at a Uni here in Australia. Last week, I looked at common vulnerabilites, e.g buffer overflows, and I also described probe tools etc etc. On Friday, I was going to demonstrate tools like nmap, nessus and saint, and end with a demo of a real-live exploit. I thought of the recent telnetd exploit, and I still have the old FreeBSD 4.3 binary on CD. I'd like to set up the old, vulnerable telnet with appropriate /etc/hosts.allow rules to only allow an attack from within the local subnet. However, I cannot find a copy of the exploit code. Can anybody help me? To give you some details of my bona fides: The course I'm running: http://www.it.bond.edu.au/inft334/013/ The security lecture: http://www.it.bond.edu.au/inft334/013/lectures/week12.html I was assistant program chair on a security symposium which was held about 2 weeks ago: http://www.auug.org.au/security2001/ Other security stuff I have worked on in the past: http://minnie.tuhs.org/Seminars/index.html (you have to read the titles) Many thanks in advance, Warren Toomey, School of IT, Bond Uni P.S My PGP keys are at http://minnie.tuhs.org/warren.html if you'd rather send me PGP-encrypted code. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200112050546.fB55kTf46559>