-----BEGIN PGP SIGNED MESSAGE----- On Wed, 6 Sep 2000, David Wright wrote:
> > Message from [EMAIL PROTECTED] at Tue Sep 5 17:42:31 2000 ... > > locust > > In my experience, this happens someone tries the rpc.statd buffer > overflow exploit. I'm surprised you don't see it in syslog and messages > (with the default syslogd.conf). Damn, you're right! Why hadn't I noticed that! Especially considering how hard we've been hit by that exploit. We had 10 Redhat systems compromised by that over the weekend.... Thanks a lot for the info! noah _______________________________________________________ | Web: http://web.morgul.net/~frodo/ | PGP Public Key: http://web.morgul.net/~frodo/mail.html -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 5.0i for non-commercial use Charset: noconv iQCVAwUBObZzTYdCcpBjGWoFAQGLSwQAno/Muxi0FyYmY14sXb5TmjR7K4Dnnbzb 3WIHlMrFHHE2Xs4TzOuWtRLXRnD1aPLj2o34EVDiRn+el5HSX8THEBvthLNmc6kB wYqAwrHO2HoFyvNg6yT9jBmglicEiQQERg0GBVmt1dwCYJ2lhpUwMbspAcADuggn l2fWB2Nq82o= =rl5k -----END PGP SIGNATURE-----
