On Friday 05 July 2002 15:32, Brian O'Donoghue sent nerve impulses to their
fingers and typed:
> I setup up a Slackware box as a gateway and firewall recenctly.
>> Some guy who apparently works for a security company claims to have 'done a
> security probe on our ip' and found that we had a telnet and chargen
> exploit amognst others.
>>> The thing is that he is living with one of the other developers I work with
> and I have been asked to reveal the root password for my Slackware box.
>> <Advice appreciated>
Without a doubt theres something dodgy here. I have heard of something similar
before. A mate of mine was working as an NT admin at a small regional English
building society and in addition to NT boxes there was a VAX and a few Linux
boxes (running an estates agents website search type of thing). A COBOL
consultant the society used frequently claimed he had found a weakness in the
Linux boxes relating to remote logins, but he would not specify what, but he
did offer to fix it at a price. Smelling something dodgy the society gave him
a password with root prvilidges and allowed him in to HQ to fix the problem.
As soon as he was gone they checked the logs, turns out he done absolutley
nowt, he opened a few files in /etc and that was about it. For his few hours
work he wanted £4,000! Instead the building society went to the police and
had him done with fraud.
Bye for now,
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!