On Thu, Jan 25, 2001 at 07:11:26PM +0000, Colin Watson wrote: :It could be someone trying an NFS exploit against your system, though :potato systems shouldn't be vulnerable to it.
I'd s/could\ be/IS/; :>f<CD> :>Jan 18 19:16:45 brockwell :><C7>^F/bin<C7>F^D/shA0<C0><88>F^G<89>v^L<8D>V^P<8D>N^L<89><F3><B0>^K<CD><80><B0>^A<CD><80><E8>^?<FF><FF> : :This, in particular, looks very suspicious. Notice the /bin/sh. One version of this exploit adds a root shell the end of /etc/inetd.conf look for that. -Jon
