From: jac1 (jac1 at domain student.cs.ucc.ie)
Date: Fri 05 Jul 2002 - 15:51:04 IST
Don't take sweets from strangers
>===== Original Message From "Brian O'Donoghue" <Brian.ODonoghue at domain kbs.ie> =====
>I setup up a Slackware box as a gateway and firewall recenctly.
>
>Some guy who apparently works for a security company claims to have 'done a
>security probe on our ip' and found that we had a telnet and chargen exploit
>amognst others.
>
>The only thing is I'm not running telnet nor chargen on the slackware box...
>and the only port you can actually initiate a connection on from outside our
>internal ip range is (ie from the internet) is port 25... which gets
>forwarded to a windows nt 4 server.
>
>Now either this guy is lying about telnet,chargen and others or he has found
>a way to exploit exchange server such that it provides access to say a
>buffer overflow on the windows box and from they say running a telnet
>session on the windows box, he has managed to find an exploit on the slack
>box.... or he has found a way to overcome the fact that I am dropping
>connections by default on all ports on the firewall bar port 25 which gets
>forwarded <something I'm sure the kernel hackers might be quite interested
>in>.
>
>The thing is that he is living with one of the other developers I work with
>and I have been asked to reveal the root password for my Slackware box.
>
><Advice appreciated>
>Bod
>
>--
>Irish Linux Users' Group: ilug at domain linux.ie
>http://www.linux.ie/mailman/listinfo/ilug for (un)subscription information.
>List maintainer: listmaster at domain linux.ie
This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:17:41 GMT