[Gllug] My firewall is rooted
ws at melinux.com
Mon Jul 15 12:11:39 UTC 2002
On Mon, 2002-07-15 at 12:20, Stephen Harker wrote:
> OK. So I ssh into the firewall (first time in a week or so) to discover loads
> of running processes ./a and a new user in my password file called dave. So
> out he goes and shutdown all the processes. Passwd file was locked so I
> removed /etc/ptmp and removed the dave entry. (BTW this is an OpenBSD box)
> Rebooted the machine. First mistake.
> Now my root password doesn't work any more. SO. Do I want to even bother
> fixing this machine up or shall I just rescue my pf and nat rules, wipe the
> box and start again? Will there be a load of backdoors and other nasties on
> there now?
> Stephen Harker
> steve at pauken.co.uk
> "The sooner we fall behind, the longer we have to catch up!"
> Gllug mailing list - Gllug at linux.co.uk
its funny you mention that, /. just ran an article about last week :
If I were in your shoes,I would go for a fresh install, latest updates,
and pray to be safe ;-)
" One remote hole in the default install, in nearly 6 years!"
Gllug mailing list - Gllug at linux.co.uk
More information about the GLLUG