Re: Advice Needed On Recent Rootings

To: Bradley Alexander <storm@tux.org>
Cc: Jayson Vantuyl <kagato@souja.net>, Debian Security <debian-security@lists.debian.org>
Subject: Re: Advice Needed On Recent Rootings
From: Noah Meyerhans <noahm@debian.org>
Date: Sun, 25 May 2003 15:44:51 -0400
Message-id: <20030525194451.GC18352@unblinking-eye.lcs.mit.edu>
Mail-followup-to: Noah Meyerhans <noahm@debian.org>, Bradley Alexander <storm@tux.org>, Jayson Vantuyl <kagato@souja.net>, Debian Security <debian-security@lists.debian.org>
In-reply-to: <1053891223.20535.100.camel@defiant.sonsofthunder.yi.org>
References: <20030525180430.GB32546@yagami.infodump.net> <1053891223.20535.100.camel@defiant.sonsofthunder.yi.org>

> 25 - It is entirely possible this is how the attacker got in. If you can
> avoid ftp (by using scp/sftp), do so. This will close 25% of your known
> open ports. And anonymous ftp is especially vulnerable.

If you want to sound credible you should probably at least know what
listens on port 25.  (Hint: it's not FTP)

noah

-- 
 _______________________________________________________
| Web: http://web.morgul.net/~frodo/
| PGP Public Key: http://web.morgul.net/~frodo/mail.html

Attachment: pgpAZriLmPVzK.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: Advice Needed On Recent Rootings
  - From: Bradley Alexander <storm@tux.org>

References:
- Advice Needed On Recent Rootings
  - From: Jayson Vantuyl <kagato@souja.net>
- Re: Advice Needed On Recent Rootings
  - From: Bradley Alexander <storm@tux.org>

Prev by Date: Re: Advice Needed On Recent Rootings
Next by Date: Re: Advice Needed On Recent Rootings
Previous by thread: Re: Advice Needed On Recent Rootings
Next by thread: Re: Advice Needed On Recent Rootings
Index(es):
- Date
- Thread