nanog mailing list archives
Re: resolved Re: should i publish a list of cracked machines?
From: Kevin Houle <kjh () cert org>
Date: Thu, 23 Aug 2001 13:41:42 -0400
--On Thursday, August 23, 2001 12:39:21 -0400 Jim Mercer <jim () reptiles org> wrote:
my suspicions and some things to look for: - boxes were comprimised using the buffer overflow in telnetd (speculation)
The CERT/CC is aware of some level of automated exploitation of the recently described telnetd vulnerability. If folks have yet to patch systems for that particular vulnerability, it would be a good thing to spend time doing. We've seen it used to deploy DDoS-capable tools, for example. More info on the vulnerability at: http://www.kb.cert.org/vuls/id/745371 Kevin
Attachment:
_bin
Description:
Current thread:
- should i publish a list of cracked machines? Jim Mercer (Aug 23)
- Re: should i publish a list of cracked machines? Mike Trest (Aug 23)
- resolved Re: should i publish a list of cracked machines? Jim Mercer (Aug 23)
- Re: resolved Re: should i publish a list of cracked machines? Kevin Houle (Aug 23)
- resolved Re: should i publish a list of cracked machines? Jim Mercer (Aug 23)
- Re: should i publish a list of cracked machines? Mitch Halmu (Aug 23)
- Re: should i publish a list of cracked machines? Josha Bronson (Aug 23)
- Re: should i publish a list of cracked machines? M. David Leonard (Aug 23)
- Re: should i publish a list of cracked machines? Laurence Berland (Aug 23)
- Re: should i publish a list of cracked machines? Mike Trest (Aug 23)