similar to: [RHSA-1999:029-01] Denial of service attack in in.telnetd

Good call - I forgot to mention that. Caldera released an advisory a couple months ago about it if anyone's interested: ftp://ftp.calderasystems.com/pub/OpenLinux/security/CSSA-2000-008.0.txt Dave -----Original Message----- From: Thomas Biege [mailto:thomas@suse.de] Sent: Friday, May 19, 2000 2:44 AM To: David LaPorte Cc: Mike Bowie; linux-security@redhat.com Subject: Re: [Security -

What can cause this telnetd[...]: ttloop: peer died: Success I''ve had several occurrences of this entry along with connections from somewhere where no-one should be accessing my machine (via telnet) also around same time frame : (from tcpdump) activity to a port 234 at various IP addresses udp port biff unreachable I (a novice at *nix) believe some has been accessing my machine

I''m in the process of locking down as much of my systems here as possible as to available ports. I am down to only a handful but am not sure how much of a security risk they pose and was wondering if anyone here might be able to comment, or suggest secure versions to run: 21/FTP (WU-ftpd v2.4.2 BETA 14) 22/SSH (1.22) 23/TELNET (Netkit 0.09) 25/SMTP (Sendmail

[mod: Executive summary: SNI found recent linux-distributions not-vulnerable -- REW] -----BEGIN PGP SIGNED MESSAGE----- ###### ## ## ###### ## ### ## ## ###### ## # ## ## ## ## ### ## ###### . ## ## . ######.

Hi, I have a tftp client which loads quite happily from a tftpd built from netkit-tftp-0.16 but which fails to load from from a tftpd built from tftp-hpa 0.29. In both cases, tftpd was built from pristine sources and run from xinetd under Redhat 7.3. [netkit-tftp-0.16 is the ancestor of tftp-hpa, predating HPA's maintenance of same] [the tftp client also.. .. fails with the prebuilt tftpd

Hi. I don''t know if this one is known, but I can''t recall seeing anything about it. If it is old news I apologize. I discovered a bug in the inetd that comes with NetKit-B-0-08 and older. If a single SYN is sent to port 13 of the server, inetd will die of Broken Pipe: write(3, "Sun Jan 12 21:50:35 1997\r\n", 26) = -1 EPIPE (Broken pipe) --- SIGPIPE (Broken pipe) ---

I just wanted to post this so that it was out there and Googleable. Hopefully it will save other people a bit of time. If you have a Cisco phone (I was testing with a 7970, though presumably it would affect 7960 and others as well) that is looping trying to fetch the CTL tlv file - it may be because you are using Debians 'tftpd' (should be netkit-tftpd...*cough*hey, Debian

On Nov 24, 2014, at 3:46 PM, Warren Young <wyml at etr-usa.com> wrote: > Now compare telnet: always vulnerable, all the time, since the day it was created, before most of the people on this list were born: Technically, you can run kerberized (krb5) telnet/telnetd, and it's not quite as insecure as unkerberized telnet. The telnet protocol supports security measures, but most people

Ugh. With MAKE_KERBEROS5=yes, on a recent STABLE, I get the following trying to use Kerberized telnet: # telnet -l test big.x.kientzle.com Trying 66.166.149.54... Connected to big.x.kientzle.com. Escape character is '^]'. [ Trying mutual KERBEROS5 (host/big.x.kientzle.com@X.KIENTZLE.COM)... ] Bus error (core dumped) Fortunately, it's pretty easy to track down: (gdb) up #2

On 11/24/2014 6:38 AM, Mauricio Tavares wrote: > I will not go over the question about running telnet in your > laptop; others will chime in. Now that is out, did you check whether > telnet is running using ps and netstat? useless advise, since telnet is almost always run from a socket, the telnetd is only running if there's an active connection. to the OP, the *correct*

# Automatically generated email from bts, devscripts version 2.10.18.1 # # logcheck (1.2.64) unstable; urgency=low # # * ignore.d.server/bind: # - moved "[bind] query $FOO denied" rule to violations.ignore.d # (closes: #443881). # - added bind's "AXFR ended" rule alongside "AXFR started" # (closes: #445046). # - added "adding an

In FreeBSD 5.x only telnet/telnetd works 'out of box' with kerberos. Why ftp/ftpd, ssh/sshd and cvs do not support kerberos ? Thanks!

Yet another odd one... I've got it set up now so that swat uses pam_smbpass.so, and once a user logs into swat at least once, it'll update their password in the passdb backend configured for Samba. But, I also need to ensure that when a user changes their password via passwd, it also gets updated. I added the following in /etc/security/login.cfg: usw: auth_type = PAM_AUTH and

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ Caldera International, Inc. Security Advisory Subject: Linux - Telnet AYT remote exploit Advisory number: CSSA-2001-030.0 Issue date: 2001, August 10 Cross reference: ______________________________________________________________________________ 1. Problem

Picking up on a couple really old threads (e.g. http://osdir.com/ml/ietf.secsh/2001-09/msg00003.html ) I've finally gotten around to this. The EXTPROC support on Linux is missing, but you can find kernel patches for that here http://lkml.org/lkml/2010/6/11/403 I've also fixed up the netkit telnet / telnetd code to work with EXTPROC / LINEMODE on Linux, those patches are here

Hi, I'm looking for a way to force users to use a pty and their login shell. They have a .profile that forces them to use a specific application. They are currently logging in with telnetd, so this is effective. I want to move to openssh, but this would allow "ssh user at host /bin/sh" and any other commands they can think of to bypass this restriction. Is there a way to

???????????? samba, I compile kerberos5 root@romanof2 : cd /usr/ports/security/krb5/ root@romanof2 : make && make install && make clean && rehash ------------------------------------------------------ This port of MIT Kerberos 5 includes remote login daemons (telnetd and klogind). These daemons default to using the system login program (/usr/bin/login). Please see the

Hi, ssh client program seems to hang when specified a wrong port no (port on which some other server, like telnetd is running). "netstat -an" shows the connection is established. I expect the ssh program to report invalid server msg and exit. Is this a bug or known behaviour ??? I have attached the -v -v -v output. Thanks, Hari [hari at linux ssh]$ /usr/bin/ssh -v -v -v -p 23 hari

Hi, I'm struggling to get a laser color printer working correctly. At first I wasn't able to save print properties with Ubuntu 10.04. As I read of a bug [1] that affected samba 3.4 up to 3.5.8 I upgraded to ubuntu 12.04 and samba 3.6.3. Now I'm not even able to upload drivers in the way I always did as described in [2] and [3] (Italian). My conf:: [printers] comment = All

I''ve been poking around my system, and realized that having a tftp server would be handy. (I''m working with cisco routers, which have the capability to up and download configuration images via tftp.) However, I''m not content with the usual tftpd that comes with Linux. The whole "specify each directory you want" scheme is cock-eyed to me. I''d prefer