Howdy all and Merry Christmas !
I recently had someone hack my system (no a big deal as I planned to upgrade
it anyway).
But what they did in attempt to leave a back door I found intriguing.
the following lines in /etc/inetd.conf we added by my unwelcome guest.
telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd
37 stream tcp nowait root /usr/sbin/sock
/usr/sbin/sock
I'm not entirely sure what this person achieved by these line (comments
welcome !) Is it an attempt to place a root shell on telnet port 37 ?
And what is sock anyhow ?
I suspect this person gained access to my system via ftpd, is this really
such a security hole ?
Thanx
PMc
--
SLUG - Sydney Linux Users Group Mailing List - http://www.slug.org.au
To unsubscribe send email to [EMAIL PROTECTED] with
unsubscribe in the text
