grundie.co.uk at ntlworld.com
Fri Jul 5 18:33:51 IST 2002
On Friday 05 July 2002 15:32, Brian O'Donoghue sent nerve impulses to their
fingers and typed:
> I setup up a Slackware box as a gateway and firewall recenctly.
> Some guy who apparently works for a security company claims to have 'done a
> security probe on our ip' and found that we had a telnet and chargen
> exploit amognst others.
> The thing is that he is living with one of the other developers I work with
> and I have been asked to reveal the root password for my Slackware box.
> <Advice appreciated>
Without a doubt theres something dodgy here. I have heard of something similar
before. A mate of mine was working as an NT admin at a small regional English
building society and in addition to NT boxes there was a VAX and a few Linux
boxes (running an estates agents website search type of thing). A COBOL
consultant the society used frequently claimed he had found a weakness in the
Linux boxes relating to remote logins, but he would not specify what, but he
did offer to fix it at a price. Smelling something dodgy the society gave him
a password with root prvilidges and allowed him in to HQ to fix the problem.
As soon as he was gone they checked the logs, turns out he done absolutley
nowt, he opened a few files in /etc and that was about it. For his few hours
work he wanted £4,000! Instead the building society went to the police and
had him done with fraud.
Bye for now,
More information about the ILUG