Re: sorry for the wide question but

To: Allen Ahoffman <ahoffman@announce.com>
Cc: debian-security@lists.debian.org
Subject: Re: sorry for the wide question but
From: Tollef Fog Heen <tollef@add.no>
Date: 29 Aug 2000 21:45:48 +0200
Message-id: <[🔎] 871yz7vok3.fsf@arabella.intern.opera.no>
In-reply-to: Allen Ahoffman's message of "Mon, 28 Aug 100 06:22:05 -0400 (EDT)"
References: <[🔎] 200008281022.GAA04070@announce.com>

* Allen Ahoffman 

| We know the guy replaced netstat, ls, ps, and some other stuff, set up
| camp in /tmp, uses a hacked telnetd on a higher port, and gains root
| access, but we are looking for the hacks that get people in without
| passwords to start with.

[..]

| its kernel 2.0.12 on the machine.

If the rest of the box is that old, it's probably more or less riddled
with holes.  The _only_ thing to do after a root compromise is full
reinstall from known good media.  It's faster and easier.  And you
have to ability to switch to debian as well!  :)

-- 

Tollef Fog Heen
Unix _IS_ user friendly... It's just selective about who its friends are.

Reply to:

References:
- sorry for the wide question but
  - From: Allen Ahoffman <ahoffman@announce.com>

Prev by Date: Re: sorry for the wide question but
Next by Date: SecurityPortal Review of Potato
Previous by thread: Re: sorry for the wide question but
Next by thread: SecurityPortal Review of Potato
Index(es):
- Date
- Thread