atom feed200 messages in org.freebsd.freebsd-securityRe: security hole in FreeBSD
FromSent OnAttachments
60 earlier messages
Gary Clark IIJul 28, 1997 4:06 pm 
Vincent PoyJul 28, 1997 4:14 pm 
Vincent PoyJul 28, 1997 4:16 pm 
Vincent PoyJul 28, 1997 4:18 pm 
Matthew N. DoddJul 28, 1997 4:18 pm 
Vincent PoyJul 28, 1997 4:19 pm 
Vincent PoyJul 28, 1997 4:25 pm 
Vincent PoyJul 28, 1997 4:30 pm 
Brian BuchananJul 28, 1997 4:48 pm 
Jordan K. HubbardJul 28, 1997 4:59 pm 
Jordan K. HubbardJul 28, 1997 5:00 pm 
Vincent PoyJul 28, 1997 5:02 pm 
Brian BuchananJul 28, 1997 5:09 pm 
Vincent PoyJul 28, 1997 5:19 pm 
Vincent PoyJul 28, 1997 5:20 pm 
Gary PalmerJul 28, 1997 5:22 pm 
Vincent PoyJul 28, 1997 5:26 pm 
Vincent PoyJul 28, 1997 5:30 pm 
Gary PalmerJul 28, 1997 5:30 pm 
Brian BuchananJul 28, 1997 5:32 pm 
Gary PalmerJul 28, 1997 5:33 pm 
Vincent PoyJul 28, 1997 5:34 pm 
Gary PalmerJul 28, 1997 5:36 pm 
Vincent PoyJul 28, 1997 5:40 pm 
Gary PalmerJul 28, 1997 5:44 pm 
Gary PalmerJul 28, 1997 5:45 pm 
Vincent PoyJul 28, 1997 5:49 pm 
Gary PalmerJul 28, 1997 5:53 pm 
Vincent PoyJul 28, 1997 5:57 pm 
Vincent PoyJul 28, 1997 6:01 pm 
Vincent PoyJul 28, 1997 6:01 pm 
Brian BuchananJul 28, 1997 6:19 pm 
Brian BuchananJul 28, 1997 6:24 pm 
Matthew N. DoddJul 28, 1997 6:41 pm 
Robert WatsonJul 28, 1997 6:59 pm 
Robert WatsonJul 28, 1997 7:00 pm 
Vincent PoyJul 28, 1997 7:01 pm 
Vincent PoyJul 28, 1997 7:04 pm 
Matthew N. DoddJul 28, 1997 7:19 pm 
John PreislerJul 28, 1997 7:31 pm 
Brian BuchananJul 28, 1997 7:52 pm 
John DowdalJul 28, 1997 8:29 pm 
Annelise AndersonJul 28, 1997 8:41 pm 
Nate WilliamsJul 28, 1997 9:09 pm 
Vincent PoyJul 28, 1997 9:12 pm 
Vincent PoyJul 28, 1997 9:15 pm 
Vincent PoyJul 28, 1997 9:19 pm 
Heikki SuonsivuJul 28, 1997 9:33 pm 
Jan KoumJul 28, 1997 9:39 pm 
Vincent PoyJul 28, 1997 9:49 pm 
Jordan K. HubbardJul 28, 1997 10:05 pm 
Vincent PoyJul 28, 1997 10:14 pm 
Gary PalmerJul 28, 1997 10:27 pm 
Gary PalmerJul 28, 1997 10:28 pm 
Vincent PoyJul 28, 1997 10:35 pm 
Vincent PoyJul 28, 1997 10:37 pm 
John-David ChildsJul 28, 1997 10:38 pm 
Gary PalmerJul 28, 1997 10:40 pm 
Vincent PoyJul 28, 1997 10:44 pm 
Gary PalmerJul 28, 1997 10:50 pm 
Vincent PoyJul 28, 1997 10:55 pm 
Jordan K. HubbardJul 28, 1997 10:59 pm 
Vincent PoyJul 28, 1997 11:01 pm 
Jordan K. HubbardJul 28, 1997 11:07 pm 
Jordan K. HubbardJul 28, 1997 11:11 pm 
Jordan K. HubbardJul 28, 1997 11:16 pm 
Sergei S. LaskavyJul 29, 1997 12:13 am 
John-David ChildsJul 29, 1997 2:09 am 
NarviJul 29, 1997 2:48 am 
Stephen D. SpencerJul 29, 1997 3:43 am 
Robert WatsonJul 29, 1997 5:32 am 
Adam ShostackJul 29, 1997 5:49 am 
Robert WatsonJul 29, 1997 6:39 am 
Nate WilliamsJul 29, 1997 7:19 am 
Rodney W. GrimesJul 29, 1997 8:58 am 
Warner LoshJul 29, 1997 9:25 am 
Warner LoshJul 29, 1997 9:34 am 
Christopher PetrilliJul 29, 1997 9:52 am 
Jim ShanklandJul 29, 1997 9:57 am 
John DowdalJul 29, 1997 10:50 am 
Poul-Henning KampJul 29, 1997 12:05 pm 
Bill PechterJul 29, 1997 12:29 pm 
Matthew HuntJul 29, 1997 12:37 pm 
Christopher PetrilliJul 29, 1997 12:43 pm 
[Mario1-]Jul 29, 1997 1:07 pm 
Garrett WollmanJul 29, 1997 1:07 pm 
[Mario1-]Jul 29, 1997 1:14 pm 
sth...@nethelp.noJul 29, 1997 1:39 pm 
Jordan K. HubbardJul 29, 1997 2:23 pm 
Vincent PoyJul 29, 1997 2:45 pm 
Vincent PoyJul 29, 1997 2:57 pm 
Vincent PoyJul 29, 1997 3:02 pm 
sth...@nethelp.noJul 29, 1997 3:30 pm 
Rocco LuciaJul 29, 1997 3:33 pm 
Vincent PoyJul 29, 1997 3:44 pm 
Aaron BornsteinJul 29, 1997 3:44 pm 
Vincent PoyJul 29, 1997 3:54 pm 
Vincent PoyJul 29, 1997 4:00 pm 
Jay D. NelsonJul 29, 1997 5:29 pm 
Adam ShostackJul 29, 1997 6:06 pm 
40 later messages
Subject:Re: security hole in FreeBSD
From:Vincent Poy (vin@mail.MCESTATE.COM)
Date:Jul 28, 1997 9:49:29 pm
List:org.freebsd.freebsd-security

On Tue, 29 Jul 1997, Heikki Suonsivu wrote:

=) =)Vincent Poy writes: =) > Machines are offline already. The hacker confronted us and said =) > that it was the default .rhosts file that came in the FreeBSD root account =) > and he used perl5.00401 which had a security hole and then used rlogin to =) > login to another machine without the password. =) =)There is no default .rhosts file in FreeBSD, so the hacker is probably =)trying to avoid telling you what was the real hole. =) =)Just for reference, there are large number of irc scripts which contain =)backdoors (often well-disguised), which usually create .rhosts file with "+ =)+" in it. The easiest way is to trick someone in the machine to run one of =)those scripts and it opens the machine, then use one of the FreeBSD =)holes or local misconfigurations to open the rest.

I might just have gotten carried away about the .rhosts thing. You're probably right about the .rhosts file because it's in my directory on this machine but not in the root directory and the contents are just: # This file should NOT be group or other readable. #OtherMachine #OtherMachine myFriend

I haven't used irc like for a few years. The machine is a irc server though. Not the one he originally hacked but the one he hacked after he hacked the first one.

Cheers, Vince - vin@MCESTATE.COM - vin@GAIANET.NET ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] GaiaNet Corporation - M & C Estate / / / / | / | __] ] Beverly Hills, California USA 90210 / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____]