Don't take sweets from strangers
>===== Original Message From "Brian O'Donoghue" <Brian.ODonoghue at kbs.ie> =====
>I setup up a Slackware box as a gateway and firewall recenctly.
>>Some guy who apparently works for a security company claims to have 'done a
>security probe on our ip' and found that we had a telnet and chargen exploit
>amognst others.
>>The only thing is I'm not running telnet nor chargen on the slackware box...
>and the only port you can actually initiate a connection on from outside our
>internal ip range is (ie from the internet) is port 25... which gets
>forwarded to a windows nt 4 server.
>>Now either this guy is lying about telnet,chargen and others or he has found
>a way to exploit exchange server such that it provides access to say a
>buffer overflow on the windows box and from they say running a telnet
>session on the windows box, he has managed to find an exploit on the slack
>box.... or he has found a way to overcome the fact that I am dropping
>connections by default on all ports on the firewall bar port 25 which gets
>forwarded <something I'm sure the kernel hackers might be quite interested
>in>.
>>The thing is that he is living with one of the other developers I work with
>and I have been asked to reveal the root password for my Slackware box.
>><Advice appreciated>
>Bod
>>--
>Irish Linux Users' Group: ilug at linux.ie>http://www.linux.ie/mailman/listinfo/ilug for (un)subscription information.
>List maintainer: listmaster at linux.ie
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
