At 08:37 PM 9/4/99 -0400, you wrote: >Is there a way to have in.telnetd present the client with a different >shell than the default shell (bash) listed in the /etc/login.defs file? >The man page says you can have a different login program specified at >the command line for in.telnetd. Would it be a hassle to recompile a >version of login to change the .defs file? Where is the source code of >login? Joel, just so you know, my system was compromised by a pissant hacker from the following location: 134.96.59.1 (which is a proxy machine located in the .de domain which is either germany or denmark)...the exploit occurred because an attempt was made at telnetting into the box (telnet access is now closed, and commented out in /etc/inetd.conf and /etc/services)...I strongly advise against using telnet even with tcpwrappers...it took me the better part of 1.5 hours to get my system back to normal usage, damage done was to /etc/passwd and qmail v1.03... I would like to know how something like this could happen, would the problem have been caused by a rapid fire type of attack, and if so, what can be done to counter such stupidity (I don't think notifying the site admin will be of much good, but i'm not sure about this)? -Bill p.s. - I got good help by Ken Jones at inter7 to get my system back up and running, but this should serve as warning not to use telnet in any way shape or form...<sigh>
