On Fri, 20 Jul 2001 [EMAIL PROTECTED] wrote:
> Probably just warning. I personally couldn't believe it, but on
> the last list of my 4.2-RELEASE appeared that host sh2.1-sh.com was logged
> as user Jim. The one bad thing I did, that firewall wasnt working and
> there is NFS available (besides BRIGDED connection to CISCO Router, named
> and squid (both in sandbox) and sshd,ntp. I really don't know what
> happened, because I couldn't believe that someone is able to find out the
> eight character password. Because it is a school server I am not scared so
> much about compomising, but would like to know if I am so stupid (I was
> trying to leave,delete or update anything what was on security) or does it
> happened to anyoneelse as well? (haven't got Disk Space to build these
> days)
There are known problems wiht ntpd, which you seem to be using. There
is also a local exploit in 4.3-RELEASE. You should be on the
freebsd-security mailing list, and you should be checking the archives of
that list first.
Tom
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-stable" in the body of the message
