resolved Re: should i publish a list of cracked machines?
Kevin Houle
kjh at cert.org
Thu Aug 23 17:41:42 UTC 2001
--On Thursday, August 23, 2001 12:39:21 -0400 Jim Mercer <jim at reptiles.org>
wrote:
> my suspicions and some things to look for:
>
> - boxes were comprimised using the buffer overflow in telnetd
> (speculation)
The CERT/CC is aware of some level of automated exploitation of
the recently described telnetd vulnerability. If folks have yet
to patch systems for that particular vulnerability, it would be
a good thing to spend time doing. We've seen it used to deploy
DDoS-capable tools, for example.
More info on the vulnerability at:
http://www.kb.cert.org/vuls/id/745371
Kevin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20010823/5313bbdf/attachment.sig>
More information about the NANOG
mailing list