From owner-freebsd-isp  Wed Feb  5 08:09:17 1997
Return-Path: <owner-isp>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.5/8.8.5) id IAA18878
          for isp-outgoing; Wed, 5 Feb 1997 08:09:17 -0800 (PST)
Received: from nwpros.com (root@nwpros.com [205.229.128.214])
          by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id IAA18645
          for <freebsd-isp@FreeBSD.ORG>; Wed, 5 Feb 1997 08:09:03 -0800 (PST)
Received: (from freebsd@localhost)
          by nwpros.com (8.8.4/8.8.4)
	  id KAA14434; Wed, 5 Feb 1997 10:11:04 GMT
Date: Wed, 5 Feb 1997 10:11:04 +0000 ()
From: "FreeBSD 2.2-BETA" <freebsd@nwpros.com>
To: Ricardo Kleemann <ricardo@americasnet.com>
cc: FreeBSD ISP list <freebsd-isp@FreeBSD.ORG>
Subject: Re: hacking - help
In-Reply-To: <Pine.LNX.3.95.970205072232.1101A-100000@irvine.americasnet.com>
Message-ID: <Pine.BSF.3.91.970205100920.14424B-100000@nwpros.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-isp@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Wed, 5 Feb 1997, Ricardo Kleemann wrote:
> 
> But, the real question is, what hole must I plug to prevent this? Is there
> a known hole where someone can log in as ftp and gain root access?
> 
> Also, does freebsd support host.allow and host.deny? I didn't see those
> files in /etc and there was no man page
> 
Do not allow anonymous FTP. That solves the problem of them logging in 
like that.  As for the hosts, yes it does.  Try 
feeding.frenzy.com...it very succesfully uses it (well at least 
against my efforts :P).

Sam