From owner-freebsd-security Mon Jan 25 02:33:16 1999 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA24330 for freebsd-security-outgoing; Mon, 25 Jan 1999 02:33:16 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from apollo.backplane.com (apollo.backplane.com [209.157.86.2]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA24321 for ; Mon, 25 Jan 1999 02:33:13 -0800 (PST) (envelope-from dillon@apollo.backplane.com) Received: (from dillon@localhost) by apollo.backplane.com (8.9.2/8.9.1) id CAA03222; Mon, 25 Jan 1999 02:26:43 -0800 (PST) (envelope-from dillon) Date: Mon, 25 Jan 1999 02:26:43 -0800 (PST) From: Matthew Dillon Message-Id: <199901251026.CAA03222@apollo.backplane.com> To: Peter Philipp Cc: freebsd-security@FreeBSD.ORG Subject: Re: FreeBSD Ports and ftp.win.tue.nl References: Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org :The ports containing the ftp.win.tue.nl site as a master or secondary site :are (no later than 2.2.8-REL ports distribution): : :/usr/ports/print/mp-letter :/usr/ports/security/crack :/usr/ports/security/tcp_wrapper : :I think it's fair to warn anyone that caution should be taken with at :least the first port mentioned if it hasn't already been removed. I did :not check this port either. :Wietse Venema's README at ftp.win.tue.nl below: : :Peter Philipp (PP2441) :Daemonic Networks I read a report of this somewhere... NYTimes, I think. That basically someone had broken into the site and backdoor'd tcp_wrapper. Presumably they found it pretty quickly. -Matt Matthew Dillon To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message