200 messages in org.freebsd.freebsd-securityRe: security hole in FreeBSD| From | Sent On | Attachments |
|---|---|---|
| 27 earlier messages | ||
| Vincent Poy | Jul 28, 1997 11:31 am | |
| Robert Watson | Jul 28, 1997 11:33 am | |
| Robert Watson | Jul 28, 1997 11:44 am | |
| Jonathan A. Zdziarski | Jul 28, 1997 11:46 am | |
| Jonathan A. Zdziarski | Jul 28, 1997 11:48 am | |
| Jonathan A. Zdziarski | Jul 28, 1997 11:49 am | |
| Robert Watson | Jul 28, 1997 12:29 pm | |
| Vincent Poy | Jul 28, 1997 12:29 pm | |
| Vincent Poy | Jul 28, 1997 12:38 pm | |
| Vincent Poy | Jul 28, 1997 12:48 pm | |
| Vincent Poy | Jul 28, 1997 12:54 pm | |
| Vincent Poy | Jul 28, 1997 12:56 pm | |
| Adam Shostack | Jul 28, 1997 1:04 pm | |
| Jonathan A. Zdziarski | Jul 28, 1997 1:15 pm | |
| Jonathan A. Zdziarski | Jul 28, 1997 1:16 pm | |
| Robert Watson | Jul 28, 1997 1:45 pm | |
| Jonathan A. Zdziarski | Jul 28, 1997 1:47 pm | |
| Jonathan A. Zdziarski | Jul 28, 1997 1:51 pm | |
| Robert Watson | Jul 28, 1997 1:54 pm | |
| Nate Williams | Jul 28, 1997 2:00 pm | |
| Ollivier Robert | Jul 28, 1997 2:07 pm | |
| Matthew N. Dodd | Jul 28, 1997 2:14 pm | |
| Karl Denninger | Jul 28, 1997 2:42 pm | |
| Vincent Poy | Jul 28, 1997 2:43 pm | |
| Vincent Poy | Jul 28, 1997 3:01 pm | |
| Vincent Poy | Jul 28, 1997 3:06 pm | |
| Jordan K. Hubbard | Jul 28, 1997 3:10 pm | |
| Vincent Poy | Jul 28, 1997 3:25 pm | |
| Vincent Poy | Jul 28, 1997 3:28 pm | |
| Matthew N. Dodd | Jul 28, 1997 3:30 pm | |
| Vincent Poy | Jul 28, 1997 3:30 pm | |
| Vincent Poy | Jul 28, 1997 3:44 pm | |
| Brian Buchanan | Jul 28, 1997 4:06 pm | |
| Gary Clark II | Jul 28, 1997 4:06 pm | |
| Vincent Poy | Jul 28, 1997 4:14 pm | |
| Vincent Poy | Jul 28, 1997 4:16 pm | |
| Vincent Poy | Jul 28, 1997 4:18 pm | |
| Matthew N. Dodd | Jul 28, 1997 4:18 pm | |
| Vincent Poy | Jul 28, 1997 4:19 pm | |
| Vincent Poy | Jul 28, 1997 4:25 pm | |
| Vincent Poy | Jul 28, 1997 4:30 pm | |
| Brian Buchanan | Jul 28, 1997 4:48 pm | |
| Jordan K. Hubbard | Jul 28, 1997 4:59 pm | |
| Jordan K. Hubbard | Jul 28, 1997 5:00 pm | |
| Vincent Poy | Jul 28, 1997 5:02 pm | |
| Brian Buchanan | Jul 28, 1997 5:09 pm | |
| Vincent Poy | Jul 28, 1997 5:19 pm | |
| Vincent Poy | Jul 28, 1997 5:20 pm | |
| Gary Palmer | Jul 28, 1997 5:22 pm | |
| Vincent Poy | Jul 28, 1997 5:26 pm | |
| Vincent Poy | Jul 28, 1997 5:30 pm | |
| Gary Palmer | Jul 28, 1997 5:30 pm | |
| Brian Buchanan | Jul 28, 1997 5:32 pm | |
| Gary Palmer | Jul 28, 1997 5:33 pm | |
| Vincent Poy | Jul 28, 1997 5:34 pm | |
| Gary Palmer | Jul 28, 1997 5:36 pm | |
| Vincent Poy | Jul 28, 1997 5:40 pm | |
| Gary Palmer | Jul 28, 1997 5:44 pm | |
| Gary Palmer | Jul 28, 1997 5:45 pm | |
| Vincent Poy | Jul 28, 1997 5:49 pm | |
| Gary Palmer | Jul 28, 1997 5:53 pm | |
| Vincent Poy | Jul 28, 1997 5:57 pm | |
| Vincent Poy | Jul 28, 1997 6:01 pm | |
| Vincent Poy | Jul 28, 1997 6:01 pm | |
| Brian Buchanan | Jul 28, 1997 6:19 pm | |
| Brian Buchanan | Jul 28, 1997 6:24 pm | |
| Matthew N. Dodd | Jul 28, 1997 6:41 pm | |
| Robert Watson | Jul 28, 1997 6:59 pm | |
| Robert Watson | Jul 28, 1997 7:00 pm | |
| Vincent Poy | Jul 28, 1997 7:01 pm | |
| Vincent Poy | Jul 28, 1997 7:04 pm | |
| Matthew N. Dodd | Jul 28, 1997 7:19 pm | |
| John Preisler | Jul 28, 1997 7:31 pm | |
| Brian Buchanan | Jul 28, 1997 7:52 pm | |
| John Dowdal | Jul 28, 1997 8:29 pm | |
| Annelise Anderson | Jul 28, 1997 8:41 pm | |
| Nate Williams | Jul 28, 1997 9:09 pm | |
| Vincent Poy | Jul 28, 1997 9:12 pm | |
| Vincent Poy | Jul 28, 1997 9:15 pm | |
| Vincent Poy | Jul 28, 1997 9:19 pm | |
| Heikki Suonsivu | Jul 28, 1997 9:33 pm | |
| Jan Koum | Jul 28, 1997 9:39 pm | |
| Vincent Poy | Jul 28, 1997 9:49 pm | |
| Jordan K. Hubbard | Jul 28, 1997 10:05 pm | |
| Vincent Poy | Jul 28, 1997 10:14 pm | |
| Gary Palmer | Jul 28, 1997 10:27 pm | |
| Gary Palmer | Jul 28, 1997 10:28 pm | |
| Vincent Poy | Jul 28, 1997 10:35 pm | |
| Vincent Poy | Jul 28, 1997 10:37 pm | |
| John-David Childs | Jul 28, 1997 10:38 pm | |
| Gary Palmer | Jul 28, 1997 10:40 pm | |
| Vincent Poy | Jul 28, 1997 10:44 pm | |
| Gary Palmer | Jul 28, 1997 10:50 pm | |
| Vincent Poy | Jul 28, 1997 10:55 pm | |
| Jordan K. Hubbard | Jul 28, 1997 10:59 pm | |
| Vincent Poy | Jul 28, 1997 11:01 pm | |
| Jordan K. Hubbard | Jul 28, 1997 11:07 pm | |
| Jordan K. Hubbard | Jul 28, 1997 11:11 pm | |
| Jordan K. Hubbard | Jul 28, 1997 11:16 pm | |
| Sergei S. Laskavy | Jul 29, 1997 12:13 am | |
| 73 later messages | ||
| Subject: | Re: security hole in FreeBSD | |
|---|---|---|
| From: | Vincent Poy (vin...@mail.MCESTATE.COM) | |
| Date: | Jul 28, 1997 5:26:54 pm | |
| List: | org.freebsd.freebsd-security | |
Just a update on how the break-in was done after the hacker was confronted on irc.
Apparently FreeBSD ships with .rhosts in the root account. Using this and perl5.00401, the user was able to rlogin onto the other machine without using a password. The .rhosts file was unaltered and was the same way FreeBSD installed it originally. The user broke the security of many of Netcom's Livingston Portmasters and was caching the DNS for netcom. Netcom Security wasunable to track down the user until dumping the entire portmaster off.
Cheers, Vince - vin...@MCESTATE.COM - vin...@GAIANET.NET ________ __ ____ Unix Networking Operations - FreeBSD-Real Unix for Free / / / / | / |[__ ] GaiaNet Corporation - M & C Estate / / / / | / | __] ] Beverly Hills, California USA 90210 / / / / / |/ / | __] ] HongKong Stars/Gravis UltraSound Mailing Lists Admin /_/_/_/_/|___/|_|[____]