[2939] in bugtraq
Re: identd hack
daemon@ATHENA.MIT.EDU (Brett L. Hawn)
Tue Jul 16 14:53:33 1996
Date: Tue, 16 Jul 1996 03:37:27 -0500
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: "Brett L. Hawn" <blh@nol.net>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
After several hours of checking logs and other material I've come to the
realization that the hack used to attack one of my machines was indeed the
sendmail/identd hack referenced some time ago. I apparently missed this
discussion so I'm looking for some basic information and perhaps a pointer
to a fix for sendmail. I run sendmail 8.7.5 on several boxes, some of which
are rather important so its best I get this fixed as soon as possible. I've
made identd run as an unprivelged user with no shell and no password (it
works) but this is only a workaround rather than a true fix.
[-] Brett L. Hawn (blh@nol.net) [-]
[-] Networks On-Line - Houston, Texas [-]
[-] 713-467-7100 [-]
