On 15 Apr 2002, Joshua Newman wrote: > It's embarrassing but I may have not had the firewall up but relied on > default RedHat 7.2 medium security setting. I did turn off talk, > telnet and some of those services but ftp was running, and zope on > 8080, and 8021, and apache on 80, and ssh on 22.
it could have been any number of things. did you rebuild the box? if you haven't touched the box and can image the filesystem, we can do some forensics on it and figure out what exactly happened. rule of thumb, don't rely on redhat to be secure. do it by hand, and make sure you are running the latest versions of your applications (openssh, wu-ftpd, apache, etc). openssh would be a prime candidate, and if this was in fact the channel vulnerability i'd love to do some forensics on it as i don't believe an exploit for that vulnerability has been seen in the wild. -- christian void - [EMAIL PROTECTED] www.morphine.com/void/ gpg key available on request _______________________________________________ Bits mailing list [EMAIL PROTECTED] http://www.sugoi.org/mailman/listinfo/bits
