Date: Mon, 06 May 2002 12:04:02 -0700 From: "Dylan A. Reinhold" <Dylan@ocnetworking.com> To: security@freebsd.org Subject: Telent Exploit Message-ID: <3CD6D3A2.1CC77A9B@ocnetworking.com>
next in thread | raw e-mail | index | archive | help
I think I just got hit with a telent exploit. I noticed some network activity on my cable modem, Logged in my gateway ran 'w' no one else but ran 'top' I had telned running, in my security logs I found this: May 5 16:27:45 cx17105-b /kernel: ipfw: 4000 Accept TCP 211.234.111.226:58981 68**.**.**:23 in via ep0 May 5 16:27:46 cx17105-b /kernel: ipfw: 4000 Accept TCP 211.234.111.226:59085 68.**.**.**:23 in via ep0 May 5 16:27:47 cx17105-b /kernel: ipfw: 4000 Accept TCP 211.234.111.226:59086 **.**.**:23 in via ep0 Im running stable what gives???? The worst part was I only had Telnet enabled for 3 hours.... $uname -a FreeBSD cx17105-b 4.5-STABLE FreeBSD 4.5-STABLE #2: Mon Apr 8 20:07:25 PDT 2002 root@cx17105-b:/usr/obj/usr/src/sys/SPUD i386 Thanks, Dylan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3CD6D3A2.1CC77A9B>