[100266] in RedHat Linux List
Re: Hack attempts!
daemon@ATHENA.MIT.EDU (John D. Hardin)
Thu Nov 19 13:01:04 1998
Date: Thu, 19 Nov 1998 09:47:42 -0800 (PST)
From: "John D. Hardin" <jhardin@wolfenet.com>
To: "'redhat-list@redhat.com'" <redhat-list@redhat.com>
In-Reply-To: <Pine.LNX.3.95.981119092833.5954A-100000@scooby.cheney.net>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
On Thu, 19 Nov 1998, Steven Krikstone wrote:
> On Wed, 18 Nov 1998, David I Wolf wrote:
>
> > I have been getting a LOT of hack attempts lately: Can anyone
> > give me some info on the type of hacks? Here are the logs of the event..
>
> This is an attemp to overflow a buffer in mountd. The exploit was widely
> talked about on BUGTRAQ several weeks ago. If they intruder knows what
> they are doing, they _can_ gain root access. Check the RH 5.1 errata page
> for the updated nfs-server and nfs-server-clients rpms.
You might also want to consider whether you *really* want to be
allowing access to NFS from the Internet.
Take a look at http://www.lowrent.org/jhardin/ipfwadm.html for a GUI
firewall tool, and set up your firewall to block Internet access to
NFS and so forth.
--
John Hardin KA7OHZ jhardin@wolfenet.com
pgpk -a finger://gonzo.wolfenet.com/jhardin PGP key ID: 0x41EA94F5
PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
-----------------------------------------------------------------------
6 days until Sleeping In Light
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com http://archive.redhat.com
To unsubscribe: mail redhat-list-request@redhat.com with
"unsubscribe" as the Subject.
