From owner-freebsd-stable Fri Jul 20 8:57: 0 2001 Delivered-To: freebsd-stable@freebsd.org Received: from kremilek.gyrec.cz (kremilek.gyrec.cz [62.168.40.188]) by hub.freebsd.org (Postfix) with ESMTP id 87D1F37B401 for ; Fri, 20 Jul 2001 08:56:56 -0700 (PDT) (envelope-from admin@kremilek.gyrec.cz) Received: from localhost (admin@localhost) by kremilek.gyrec.cz (8.8.7/8.8.7) with SMTP id RAA00659 for ; Fri, 20 Jul 2001 17:56:54 +0200 Date: Fri, 20 Jul 2001 17:56:54 +0200 (CEST) From: To: freebsd-stable@FreeBSD.org Subject: probably remote exploit Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hallo there, Probably just warning. I personally couldn't believe it, but on the last list of my 4.2-RELEASE appeared that host sh2.1-sh.com was logged as user Jim. The one bad thing I did, that firewall wasnt working and there is NFS available (besides BRIGDED connection to CISCO Router, named and squid (both in sandbox) and sshd,ntp. I really don't know what happened, because I couldn't believe that someone is able to find out the eight character password. Because it is a school server I am not scared so much about compomising, but would like to know if I am so stupid (I was trying to leave,delete or update anything what was on security) or does it happened to anyoneelse as well? (haven't got Disk Space to build these days) sincerely Karel Rous To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message