Well folks if you've ever wondered what might happen if you go online before securing
a
new installation check this out from my /var/logs/messages...
My comments start with /*
I've wrapped the long lines from the log
/* First a buffer overflow exploit.
Feb 10 20:07:10 localhost rpc.statd[273]: gethostbyname error for
^X���^X���^Y� � �^Y���^Z���^Z���^[���^[���bffff750 8049710
8052c28687465676274736f6d616e79726 520 bffff718 bffff719 bffff71a
/* Then he creates new user...
Feb 10 20:07:59 localhost adduser[5153]: new user:
name=cgi, uid=0, gid=0, home =/home/cgi, shell=/bin/bash
/* changes the passwd like a good boy...
Feb 10 20:08:18 localhost PAM_pwdb[5154]: password for (cgi/0) changed by
Feb 10 20:08:18 localhost PAM_pwdb[5154]: password for (cgi/0) changed by
((null)/0)
/* gives himself a second way in
Feb 10 20:08:49 localhost PAM_pwdb[5155]: password for (operator/11) changed by
((null)/0)
/* I pull the plug
Feb 10 20:09:42 localhost pppd[2439]: Terminating on signal 15.
Feb 10 20:20:00 localhost kernel: PPP: ppp line discipline successfully unregistered
So the moral is, you ain't done installing just because it works.
Time to wipe this puppy and start over...
--
There's no such thing as a "pretty good" alligator wrestler.
[EMAIL PROTECTED] Tom Rauschenbach
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
