If you have an "official" readhat 4.1 or 4.2 cdrom, you can get the binary
of inetd off of the cdrom and copy it to your hard drive, then kill inetd and
restart it.
also look for /etc/inetd.conf and make sure it is in good shape.
from that point on, I would compare ls, login, telnet, bash, ftpd, httpd
programs in a hurry against the cdrom drive's live files. If those are
identical, you can breath easier.
finally, remove /home/httpd/cgi-bin/phf program, as in earlier lifetimes,
that had a security hole the size of a house.
bug
Greg Thomas wrote:
> Hello,
>
> I came into work today and we've got no POP3 or telnet into our RH4.1
> machine. SMTP (obviously since I'm sending this), pinging, and named
> appear to be fine. I rebooted and inetd is running but I still can't get
> any inetd related services. Since I am fairly new at this I am at a loss.
> Any help, suggestions, or requests for additional info would be very
> welcome. Is it possible that someone has hacked our machine and replaced
> inetd? If so, how can I tell and/or replace inetd until I re-install 4.2
> or 5.0?
>
> TIA,
> Greg Thomas, Network Admin
> Jack Nadel, Inc.
>
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com/RedHat-FAQ /RedHat-Errata /RedHat-Tips /mailing-lists
To unsubscribe: mail [EMAIL PROTECTED] with
"unsubscribe" as the Subject.
