I thought I would update the the LINUX users of the world with the
exploit of NFS. If you run NFS, you might want to consider upgrading to
the newest NFS, and also blocking outisde traffice at the router level.
Recently my system was hacked into, by going through the exploit in
NFS. The hacker quickly made many trojan horses and backdoors into my
system.
This hacker has over 600 root acounts across the world and also comes
through uu.net. uunet has been informed. He SYNC flooded one of my
firewalls, thus had to put security on the router. Thought you might
like to know!
Jan 31 04:46:15 nelie telnetd[19972]: ttloop: peer died: Invalid or
incomplete multibyte or wide character
Jan 31 04:46:15 nelie identd[19975]: from: 131.215.89.167
(lloyd-167.caltech.edu) EMPTY REQUEST
Jan 31 04:46:16 nelie ftpd[19973]: FTP session closed
Jan 31 04:46:16 nelie rshd[19978]: Connection from 131.215.89.167 on
illegal port
Jan 31 04:46:39 nelie mountd[18423]: Unauthorized access by NFS client
131.215.89.167.
Jan 31 04:46:39 nelie syslogd: Cannot glue message parts together
Jan 31 04:46:39 nelie mountd[18423]: Blocked attempt of 131.215.89.167
to mount ^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P$
P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^$
^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P$
P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^P^$
^P^P^P^P^P
Jan 31 04:46:39 nelie
-^E^H(-^E^H(-^E^H(-^E^H(-^E^H(-^E^H(-^E^H(-^E^H(-^E^H(-^E^H(-^E^H(-^E^H(-^E^H(-^E^H(-^E^H(-^E^H(-^E^H($
(-^E^H(-^E^H(
Tim Hibbard
Assistant Network Manager
Hocking College
Nesonville, Ohio 45764
740.753.3591 ext 2872
#####################################
# LINUX, CHOICE OF A GNU GENERATION #
#####################################
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to [EMAIL PROTECTED]
