Date: Tue, 10 Dec 1996 00:39:41 -0500 (EST) From: Brian Tao <taob@io.org> To: FREEBSD-SECURITY-L <freebsd-security@FreeBSD.ORG> Subject: Re: URGENT: Packet sniffer found on my system Message-ID: <Pine.BSF.3.95.961210003841.1328C-100000@nap.io.org> In-Reply-To: <Pine.BSF.3.95.961210000201.1328A-100000@nap.io.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 10 Dec 1996, Brian Tao wrote:
>
> What it does is use bpf to log every connection between a pair of
> hosts and save all the good parts to a series of files. The guy
> running the sniffer logged well over 17000 connections today and god
> knows how many username/password combinations. He was watching the
> FTP and POP3 ports, mainly.
Also the telnet ports to the shell servers... any tips for
cleaning up the mess? Obviously the users should be told they need to
change their passwords right away (now to think of a good way to let
everyone know... :-/).
--
Brian Tao (BT300, taob@io.org, taob@ican.net)
Senior Systems and Network Administrator, Internet Canada Corp.
"Though this be madness, yet there is method in't"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95.961210003841.1328C-100000>