[linux-help] Re: FTP access
[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index] [Thread Index]
On Thu, 7 Jun 2001, Greg House wrote:
> Well, that should have shutdown telnet/ssh/rlogin/etc access, so I don't know
> how they'd get a shell.
just make sure you *are* running the *very* latest stable releaseof
wu-ftpd, since it's had some really bad security holes... i *believe* the
version with the bug fixed is wu-ftpd-2.6.1(1) (that's what it reported on
the server I last upgraded... i use ProFTPD here, which isn't supposed to
have that exact vunerability)... anyway, the whole point of this is: a
server that was setup (not by me) at one of my old jobs had a vunerable
version of wu-ftpd running and not even a week later it was hacked into, a
new acct w/ UID/GID of 0 was created and probably numerous root kits were
installed... it was also used as part of a DDoS attack... not good! : ^
)
gLaNDix
<<< Linux lloydix 2.4.4 #3 Mon Jun 4 14:09:46 CDT 2001 i586 unknown >>>
Smithers: [whispers in Jose Canseco's ear]
Jose: I get $50,000 to play one game?
Smithers: That's right, Mr. Canseco.
Jose: Well, it's a pay cut, but what the hey. It sounds like fun.
-- For love of money, "Homer at the Bat"
-- This is the linux-help@xxxxxxxxx list. To unsubscribe,
visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
|
|
