"Arvind" <[EMAIL PROTECTED]> (Friday, August 02, 2002 10:22 AM) Subject: Re: [LIH]openssh 3.4p1 advisory
> | Ouch! Downloaded and verified. It is true - the trojaned version connects > | to 203.62.158.32 port 6667 and waits for a 1 character command - if it is > | 'D', then it spawns /bin/sh on the socket (effectively, reading shell > | commands from the network). > > hmmmm....... > i tried an nmap on my local system, it says openssh connects to port 22. > how did u manage to find out all those details you have mentioned above ? > cant see any such info in the openssh faq at their website. frodo:~% tar -zxvf openssh-trojaned.tar.gz frodo:~% vi bf-test.c Prerequisite - knowledge of C. Oh, perhaps you might have tried to take a look at the topmost link at openssh.org - http://www.openssh.org/txt/trojan.adv -srs ------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
