Re: Telent Exploit

From: Kris Kennaway (kris@obsecurity.org)
Date: 05/06/02

Next message: Matthew Dillon: "Re: You've Been Removed!"
Previous message: Michael Sierchio: "Re: You've Been Removed!"
In reply to: Dylan A. Reinhold: "Telent Exploit"
Next in thread: Charles M. Richmond: "Re: Telnet Exploit"
Reply: Charles M. Richmond: "Re: Telnet Exploit"
Reply: Dylan A. Reinhold: "Re: Telent Exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Mon, 6 May 2002 13:25:03 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: "Dylan A. Reinhold" <Dylan@ocnetworking.com>

On Mon, May 06, 2002 at 12:04:02PM -0700, Dylan A. Reinhold wrote:
> I think I just got hit with a telent exploit. I noticed some network
> activity on my cable modem, Logged in my gateway ran 'w' no one else but
>
> ran 'top' I had telned running, in my security logs I found this:
>
> May 5 16:27:45 cx17105-b /kernel: ipfw: 4000 Accept TCP
> 211.234.111.226:58981 68**.**.**:23 in via ep0
> May 5 16:27:46 cx17105-b /kernel: ipfw: 4000 Accept TCP
> 211.234.111.226:59085 68.**.**.**:23 in via ep0
> May 5 16:27:47 cx17105-b /kernel: ipfw: 4000 Accept TCP
> 211.234.111.226:59086 **.**.**:23 in via ep0
>
> Im running stable what gives???? The worst part was I only had Telnet
> enabled for 3 hours....

Why do you think you were exploited? The above only shows people
connecting to the port. If you don't want people doing that, don't
allow them to.

Kris

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

application/pgp-signature attachment: stored

Next message: Matthew Dillon: "Re: You've Been Removed!"
Previous message: Michael Sierchio: "Re: You've Been Removed!"
In reply to: Dylan A. Reinhold: "Telent Exploit"
Next in thread: Charles M. Richmond: "Re: Telnet Exploit"
Reply: Charles M. Richmond: "Re: Telnet Exploit"
Reply: Dylan A. Reinhold: "Re: Telent Exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Slow speeds on wireless gateway
... > am having bandwidth issues. ... > have a cable modem that is connect to a obsd firewall with 2 nics. ... > Once nic goes off to one segment of the network and the other nic is ... the wireless gateway and the OpenBSD machine? ...
(comp.unix.bsd.openbsd.misc)
Telent Exploit
... I noticed some network ... activity on my cable modem, Logged in my gateway ran 'w' no one else but ... ran 'top' I had telned running, in my security logs I found this: ...
(FreeBSD-Security)
Re: peer to peer networking
... They BOTH have Internet (cable modem) but cannot see each other ... I did try to use the network setup wizard and named the work group Office ... default gateway and an ip address where only the last octect has a diff ... Also ensure that there is no firewalling done on the router because it ...
(microsoft.public.windowsxp.general)