Jde mi o ten port 1109 ...
Pavel Kankovsky
peak na argo.troja.mff.cuni.cz
Pátek Květen 19 10:38:34 CEST 2000
On Fri, 19 May 2000, q wrote:
> co to je port 1109? Udajne kpop. Je v tom naka chyba? neco sem nasel ale
> nejsem uplne jistej. Poradte.
<quote>
Daemons or services that may call krb_rd_req() and are thus vulnerable
to remote exploit include:
krshd
klogind (if accepting Kerberos 4 authentication)
telnetd (if accepting Kerberos 4 authentication)
ftpd (if accepting Kerberos 4 authentication)
rkinitd
kpopd
</quote>
Viz Bugtraq, CERT...
> Jedna se o prunik do masiny...
O prunik tezko, kdyz to skoncilo na firewallu, ale pokus by to mohl byt.
> May 16 17:46:37 lamer PAM_pwdb[1967]: (su) session opened for user
> nobody by (uid=0)
> May 16 17:46:37 lamer pam_xauth[1967]: do_file: could not create dir
> //.xauth
Neni pam_xauth trochu moc iniciativni?
> May 16 17:47:00 lamer sshd[1998]: connect from 127.0.0.1
> May 16 17:47:00 lamer sshd[1998]: log: Connection from 127.0.0.1 port
> 3356
> May 16 17:47:00 lamer sshd[1998]: fatal: Did not receive ident string.
Tohle je take moc pekne. Urcite filtrujete ze site prichozi pakety
s adresami z 127.0.0.0/8?
--Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ]
"Resistance is futile. Open your source code and prepare for assimilation."
Další informace o konferenci Linux