On Wed, 14 Mar 2001, Carric Dooley wrote:
> No.. I have seen the exact same thing. I just happened to do a
> netstat while connected to a new RH7 (wolverine beta runnin OpenSSH),
> and immediately felt my stomach drop down around my socks. I started
> digging around is lsof, and finally killed the process and <pop>, I
> was disconnected. I then telnetted from an authorized machine, did a
> netstat and lsof -i and the 6010 port was gone. When I reconnected
> via SSH, it came right back. I just knew my brand new server had been
> hacked and I was so pissed (as well as feeling stupid), and I was EVER
> so relieved to find it was just SSH.
yep, saw that from someone else. :) good to learn, i guess. :)
no, i usually don't do X forwarding with sshd, i usually skip X remotely.
____________________________
jose nazario [EMAIL PROTECTED]
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
