Date: Sun, 16 Nov 1997 09:13:41 -0800 From: "Randy A. Katz" <randyk@ccsales.com> To: questions@freebsd.org Subject: HOW (HIJACK ROOT PROCESS) Message-ID: <3.0.5.32.19971116091341.00ca0650@ccsales.com>
next in thread | raw e-mail | index | archive | help
Hello, I suspect someone hijacked a root process, downloaded master.passwd, ran cracker (or something like that) on it and gained complete access to one of my systems. I'm running FreeBSD 2.2.2 RELEASE with the latest sendmail, bind, mail que software (qpop)... I need to know how they gain access to a root process so I can try it and patch up the hole there. Please don't tell me to reinstall, I'll do that when I've understood the access path. Thanx (and HELP!!!) Randy Katz
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.19971116091341.00ca0650>