Date: Fri, 20 Jul 2001 09:27:10 -0700 (PDT) From: Mike Hoskins <mike@adept.org> To: admin@kremilek.gyrec.cz Cc: freebsd-stable@FreeBSD.org Subject: Re: probably remote exploit Message-ID: <Pine.BSF.4.21.0107200923430.15285-100000@snafu.adept.org> In-Reply-To: <Pine.LNX.3.96.1010720174942.651C-100000@kremilek.gyrec.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 20 Jul 2001 admin@kremilek.gyrec.cz wrote: > Probably just warning. I personally couldn't believe it, but on > the last list of my 4.2-RELEASE appeared that host sh2.1-sh.com was logged > as user Jim. The one bad thing I did, that firewall wasnt working and > there is NFS available ... If you allow anyone to play with RPC, you'll be hacked. Appropriate configuration of your firewall and/or /etc/hosts.allow in the absense of packet filtering will close this hole. Later, -Mike -- 2^n eyes are better than 2. Join the logwatchers community today. http://www.adept.org/mailinglists.html#logwatchers To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0107200923430.15285-100000>