Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 20 Jul 2001 14:03:31 -0700
From:      "Chad R. Larson" <chad@DCFinc.com>
To:        Chris Faulhaber <jedgar@fxp.org>, "Chad R. Larson" <chad@DCFinc.com>, Tom <tom@uniserve.com>, admin@kremilek.gyrec.cz, freebsd-stable@FreeBSD.ORG
Subject:   Re: probably remote exploit
Message-ID:  <20010720140331.A12903@freeway.dcfinc.com>
In-Reply-To: <20010720141820.C47930@peitho.fxp.org>; from jedgar@fxp.org on Fri, Jul 20, 2001 at 02:18:20PM -0400
References:  <Pine.LNX.3.96.1010720174942.651C-100000@kremilek.gyrec.cz> <Pine.BSF.4.10.10107200923060.4917-100000@athena.uniserve.ca> <20010720111551.A12442@freeway.dcfinc.com> <20010720141820.C47930@peitho.fxp.org>

next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Jul 20, 2001 at 02:18:20PM -0400, Chris Faulhaber wrote:
> On Fri, Jul 20, 2001 at 11:15:51AM -0700, Chad R. Larson wrote:
>> On Fri, Jul 20, 2001 at 09:24:20AM -0700, Tom wrote:
>>> There are known problems wiht ntpd, which you seem to be using.  There
>>> is also a local exploit in 4.3-RELEASE.  You should be on the
>>> freebsd-security mailing list, and you should be checking the archives
>>> of that list first.
>> 
>> Also, to be sure no one installed any backdoors, you might want to
>> do a CVSup/buildworld/installworld cycle.
>> 
> 
> unless, of course, they trojaned the build tools :/  a full reinstall
> is the best bet.

Yes, but the CVSup will notice if any of the sources don't match the
repository, and the subsequent buildworld will regenerate all the
binaries.

	-crl
--
Chad R. Larson (CRL15)   602-953-1392   Brother, can you paradigm?
chad@dcfinc.com         chad@larsons.org          larson1@home.com
DCF, Inc. - 14623 North 49th Place, Scottsdale, Arizona 85254-2207

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010720140331.A12903>