From: "Victor Tsaran" <vtsaran@nimbus.ocis.temple.edu>
To: <speakup@braille.uwo.ca>
Subject: Re: security
Date: Sun, 5 Nov 2000 23:37:05 -0800 [thread overview]
Message-ID: <000001c047ce$2146d860$b23b9ed8@wang> (raw)
In-Reply-To: <Pine.LNX.4.05.10010300941270.7168-100000@speech.braille.uwo.ca>
SMBD, do you mean SAMBA server daemon? This is another interesting point.
People should shutdown services they don't use, for example, routed or
gateway or NIS or SMBD. Because Linux is intended to be used on a multiuser
networks, a lot of these services are installed by default are initiated by
default. Learn your OS before you use it!
Vic
******* ******* *******
have you thought of visiting Cybertsar's Internet Kingdom? It is still
alive!
Here is the URL:
http://go.to/vtsaran
or
http://kickme.to/vtsaran
******* ******* *******
----- Original Message -----
From: "Frank J. Carmickle" <frankiec@braille.uwo.ca>
To: "Kirk Wood" <cpt.kirk@1tree.net>
Cc: <speakup@braille.uwo.ca>
Sent: Monday, October 30, 2000 7:11 AM
Subject: Re: security
> This is very true. Shawn calls me up at 12:00 am saying that sshd is
> running but he can't get any connections on port 22. Tcpdump on port 22
> revealed some trafic. Searching through inetd revealed some crazy service
> called smbd2 which spauned a shell as root. This all happened after the
> machine misteriously rebooted.
>
> Fun!
> FC
>
>
> On Mon, 30 Oct 2000, Kirk Wood wrote:
>
> > You should look for any connections from IP addresses you don't
> > recognize. While this would be harder for a production system, on a home
> > system it shouldn't be too tough. I would pay particular attention to
ftp
> > connections (if you have the service available.
> >
> > As for everything you can look for, that fills books and employs
> > profesionals all with their own opinion. And just so you know, if you
have
> > a full time connection and find one day you can't log into your own
> > machine. Turn it off. I have a friend who thought somethign had just
gone
> > wrong and needed fixed. Turns out his system had been compromised. If in
> > doubt shut down and remove it from the net.
> >
> > =======
> > Kirk Wood
> > Cpt.Kirk@1tree.net
> >
> >
> >
> > _______________________________________________
> > Speakup mailing list
> > Speakup@braille.uwo.ca
> > http://speech.braille.uwo.ca/mailman/listinfo/speakup
> >
>
>
> _______________________________________________
> Speakup mailing list
> Speakup@braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
next prev parent reply other threads:[~ UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
security Joseph Norton
` security Kirk Wood
` security Frank J. Carmickle
` Victor Tsaran [this message]
` security Frank J. Carmickle
` security Janina Sajka
security Tyler Spivey
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='000001c047ce$2146d860$b23b9ed8@wang' \
--to=vtsaran@nimbus.ocis.temple.edu \
--cc=speakup@braille.uwo.ca \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).