[Gllug] My firewall is rooted
Walid Shaari
ws at melinux.com
Mon Jul 15 12:11:39 UTC 2002
On Mon, 2002-07-15 at 12:20, Stephen Harker wrote:
> OK. So I ssh into the firewall (first time in a week or so) to discover loads
> of running processes ./a and a new user in my password file called dave. So
> out he goes and shutdown all the processes. Passwd file was locked so I
> removed /etc/ptmp and removed the dave entry. (BTW this is an OpenBSD box)
> Rebooted the machine. First mistake.
> Now my root password doesn't work any more. SO. Do I want to even bother
> fixing this machine up or shall I just rescue my pf and nat rules, wipe the
> box and start again? Will there be a load of backdoors and other nasties on
> there now?
> Steve
> --
> Stephen Harker
> steve at pauken.co.uk
>
> "The sooner we fall behind, the longer we have to catch up!"
>
>
> --
> Gllug mailing list - Gllug at linux.co.uk
> http://list.ftech.net/mailman/listinfo/gllug
>
its funny you mention that, /. just ran an article about last week :
http://bsd.slashdot.org/article.pl?sid=02/07/13/0346209&mode=thread&tid=172
If I were in your shoes,I would go for a fresh install, latest updates,
and pray to be safe ;-)
Walid
" One remote hole in the default install, in nearly 6 years!"
www.openbsd.org
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list