nanog mailing list archives
RE: resolved Re: should i publish a list of cracked machines?
From: Roeland Meyer <rmeyer () mhsc com>
Date: Thu, 23 Aug 2001 16:07:38 -0700
|> From: Kevin Houle [mailto:kjh () cert org] |> Sent: Thursday, August 23, 2001 10:42 AM |> |> --On Thursday, August 23, 2001 12:39:21 -0400 Jim Mercer |> <jim () reptiles org> |> wrote: |> |> > my suspicions and some things to look for: |> > |> > - boxes were comprimised using the buffer overflow in telnetd |> > (speculation) |> |> The CERT/CC is aware of some level of automated exploitation of |> the recently described telnetd vulnerability. If folks have yet |> to patch systems for that particular vulnerability, it would be |> a good thing to spend time doing. We've seen it used to deploy |> DDoS-capable tools, for example. |> |> More info on the vulnerability at: |> |> http://www.kb.cert.org/vuls/id/745371 quick patch for this vulnerability #! /bin/sh rm -f `whereis in.telnetd` rm -f `whereis in.ftpd` /etc/rc.d/init.d/ssh-server start
Current thread:
- RE: resolved Re: should i publish a list of cracked machines? Roeland Meyer (Aug 23)
- <Possible follow-ups>
- RE: resolved Re: should i publish a list of cracked machines? Roeland Meyer (Aug 23)