Quoting guy keren, from the post of Thu, 04 Dec: > > due to a security bug found in rsync, when running in daemon mode, i > temporarily disabled the 'rsyncd' service (which runs 'rsync --daemon') on > IGLU's server. > > Ilya - i couldn't see where are the soruces that rsync was compiled from. > however, it looks like the rsync binary was replaced on 21-november - any > idea who replaced it and why? > > as far as i understand, this bug was announced after that date.
my personal server was running rsync as a daemon, and was cracked and a root kit was installed on November 25th. I just finished reinstalling the system with Kernel 2.4.23. triple check the server, especially with suspiciously new files in /bin, /sbin and such. ls -lt /bin|head or whatnot. Be afraid, only the paranoid survive afterall. check also beak and Fiasco (Shachar?) G'Day -- Back by popular demand Ira Abramov http://ira.abramov.org/email/
