[PLUG] How did they do this?
Rich Shepard
rshepard at appl-ecosys.com
Mon May 13 18:32:05 UTC 2002
On Mon, 13 May 2002, Colin Kuskie wrote:
> Firewalls can be spoofed or bypassed. I know that having those
> services are a convenience, but they are a hole.
Colin,
I turned off the services. Should I also kill inetd? If this process is
used only to run remote connections (login, telnet and the r* series), and
none of those services are to be used externally, I should be able to shut
it down without harm. Correct?
> You may want to upgrade. I've been seeing attempts to long in via ssh
> with various users (oracle, test) on my server and with school getting
> out it may be script kiddie time again. Of course, in my logs they
> were clearly tagged as coming from sshd so my life was simpler.
Open-ssh was just upgraded a month or so ago, but I've no objection to
doing so again.
Thanks,
Rich
More information about the PLUG
mailing list