From owner-freebsd-security Mon Mar 5 18:40:57 2001 Delivered-To: freebsd-security@freebsd.org Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44]) by hub.freebsd.org (Postfix) with ESMTP id CCB0437B727 for ; Mon, 5 Mar 2001 18:40:46 -0800 (PST) (envelope-from Cy.Schubert@uumail.gov.bc.ca) Received: (from daemon@localhost) by point.osg.gov.bc.ca (8.8.7/8.8.8) id SAA13328; Mon, 5 Mar 2001 18:39:22 -0800 Received: from passer.osg.gov.bc.ca(142.32.110.29) via SMTP by point.osg.gov.bc.ca, id smtpda13326; Mon Mar 5 18:39:11 2001 Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.11.2/8.9.1) id f262d6M68981; Mon, 5 Mar 2001 18:39:06 -0800 (PST) Received: from cwsys9.cwsent.com(10.2.2.1), claiming to be "cwsys.cwsent.com" via SMTP by passer9.cwsent.com, id smtpdF68967; Mon Mar 5 18:38:54 2001 Received: (from uucp@localhost) by cwsys.cwsent.com (8.11.3/8.9.1) id f262crC01056; Mon, 5 Mar 2001 18:38:53 -0800 (PST) Message-Id: <200103060238.f262crC01056@cwsys.cwsent.com> Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys" via SMTP by localhost.cwsent.com, id smtpdz98947; Mon Mar 5 18:38:04 2001 X-Mailer: exmh version 2.3.1 01/18/2001 with nmh-1.0.4 Reply-To: Cy Schubert - ITSD Open Systems Group From: Cy Schubert - ITSD Open Systems Group X-Sender: schubert To: Chris Byrnes Cc: Evren Yurtesen , Dag-Erling Smorgrav , dce , security@FreeBSD.ORG Subject: Re: 31337 In-reply-to: Your message of "Mon, 05 Mar 2001 16:16:56 CST." Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 05 Mar 2001 18:38:04 -0800 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message , Chris Byrn es writes: > Heh, yeah, exactly. Sometimes people jump to conclusions too fast. > > It's just an IRCD. The problem is that you don't know whether the system has been rooted or not. As such the prudent thing is to assume that the system has been rooted. > > > + Chris Byrnes, chris@JEAH.net > + JEAH Communications > + 1-866-AWW-JEAH (Toll-Free) Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC > > > On Mon, 5 Mar 2001, Evren Yurtesen wrote: > > > cant it be a person who has a shell and execute some daemons etc ? like > > ircd? > > > > why does he need to reinstall his system? > > > > Evren > > > > > dce writes: > > > > I have noticed the following ports open on my FreeBSD 4.2-STABLE machin > e > > > > > > > > 31337/tcp open Elite > > > > 6667/tcp open irc > > > > > > You're owned. Take your box off the net, take a backup, reinstall from > > > trusted media (preferably original CD-ROMs from BSDI), transfer data > > > (*no* executables, scripts or configuration files!) from backup. And > > > get some security clue; the security(7) man page is a good place to > > > start, though far from complete. > > > > > > DES > > > -- > > > Dag-Erling Smorgrav - des@ofug.org > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message