Date: Mon, 05 Mar 2001 18:38:04 -0800 From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> To: Chris Byrnes <chris@jeah.net> Cc: Evren Yurtesen <yurtesen@ispro.net.tr>, Dag-Erling Smorgrav <des@ofug.org>, dce <dce@squish.org>, security@FreeBSD.ORG Subject: Re: 31337 Message-ID: <200103060238.f262crC01056@cwsys.cwsent.com> In-Reply-To: Your message of "Mon, 05 Mar 2001 16:16:56 CST." <Pine.BSF.4.33.0103051616140.45434-100000@awww.jeah.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.BSF.4.33.0103051616140.45434-100000@awww.jeah.net>, Chris Byrn es writes: > Heh, yeah, exactly. Sometimes people jump to conclusions too fast. > > It's just an IRCD. The problem is that you don't know whether the system has been rooted or not. As such the prudent thing is to assume that the system has been rooted. > > > + Chris Byrnes, chris@JEAH.net > + JEAH Communications > + 1-866-AWW-JEAH (Toll-Free) Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC > > > On Mon, 5 Mar 2001, Evren Yurtesen wrote: > > > cant it be a person who has a shell and execute some daemons etc ? like > > ircd? > > > > why does he need to reinstall his system? > > > > Evren > > > > > dce <dce@squish.org> writes: > > > > I have noticed the following ports open on my FreeBSD 4.2-STABLE machin > e > > > > > > > > 31337/tcp open Elite > > > > 6667/tcp open irc > > > > > > You're owned. Take your box off the net, take a backup, reinstall from > > > trusted media (preferably original CD-ROMs from BSDI), transfer data > > > (*no* executables, scripts or configuration files!) from backup. And > > > get some security clue; the security(7) man page is a good place to > > > start, though far from complete. > > > > > > DES > > > -- > > > Dag-Erling Smorgrav - des@ofug.org > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-security" in the body of the message > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-security" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103060238.f262crC01056>