Re: Have we been cracked?

To: <debian-user@lists.debian.org>
Subject: Re: Have we been cracked?
From: "Marc Mongeon" <Mongeon@bankoe.com>
Date: Mon, 21 Jun 1999 16:28:54 -0500
Message-id: <[🔎] s76e6866.024@SPIDY>

It looks like somebody ran some sort of port scanner against your
system, looking for a vulnerability.  From the attached logs, it wasn't
obvious that the attack was successful.  Did you find evidence on
the system that it had been cracked?  It's possible that imapd with-
stood the attack.  I'm no security expert, and only responded with
my 2 cents worth to keep the topic from dying.  Any input from more
knowledgeable people out there?

Marc


----------
Marc Mongeon <mongeon@bankoe.com>
Unix Specialist
Ban-Koe Systems
9100 W Bloomington Fwy
Bloomington, MN 55431-2200
(612)888-0123, x417 | FAX: (612)888-3344
----------
"It's such a fine line between clever and stupid."
   -- David St. Hubbins and Nigel Tufnel of "Spinal Tap"


>>> Dan DeMond <demond@willow.seitz.com> 06/21 2:44 PM >>>
Hello all,
	I'm think that our system may have been cracked.  I think they got
in through imapd, because of what was in the logfile(see attachment).
	
	My question is, did they really get in through imapd?  On
www.cert.org there was an advisory for imapd, but that was last year this
time.  Cert said the affected versions were <=10.234, while our version
reports 11.241.  Are newer versions still vulnerable?

	Thanks in Advance,
	Dan DeMond

Reply to:

Follow-Ups:
- Re: Have we been cracked?
  - From: Rahsheen Porter <rahsheen@neuplanet.cx>

Prev by Date: Re: How to determine local IP
Next by Date: diald -- help or source!
Previous by thread: Have we been cracked?
Next by thread: Re: Have we been cracked?
Index(es):
- Date
- Thread