Re: AdoreWorm

From: Chris BeHanna (
Date: 11/15/01

Date: Wed, 14 Nov 2001 22:44:17 -0500 (EST)
From: Chris BeHanna <>
To: <>

On Wed, 14 Nov 2001, Stefan Probst wrote:

> Hello Chris,
> At 09:58 14.11.2001 -0500, you wrote:
> -------------------------
> >There is no reason I can think of to use
> >it [telnetd] on any modern server, because ssh clients are widely and freely
> >available for every platform.
> I will give you some reasons:
> 1. Until a few weeks ago, Vietnam was behind a nation-wide firewall, which
> didn't let ssh pass. I had no choice than to do everything via telnetd.

    It is possible to tunnel just about anything through a firewall if
you're determined enough.

> But, just to clarify: On all my machines, root has neither telnet, nor ftp
> access. And I am not on a cable modem (where the whole neighbourhood can
> sniff packets), but dial-up to the ISP, and from there comparable direct
> lines to the server in the US. "Only" provider staff should have access to
> the lines, i.e. be able to sniff.

    How many hops between your ISP and the machine? Even if the
answer is "1", you are still vulnerable to such things as dsniff.

Chris BeHanna
Software Engineer                   (Remove "bogus" before responding.)
I was raised by a pack of wild corn dogs.
To Unsubscribe: send mail to
with "unsubscribe freebsd-security" in the body of the message