[rescue] Solaris 10 Remote-Root Exploit
Peter Corlett
abuse at cabal.org.uk
Wed Feb 14 10:38:52 CST 2007
On Wed, Feb 14, 2007 at 11:33:54AM -0500, Magnus wrote:
[...]
> Still, could he not firewall it off so that telnet is not open outside of
> the local subnet, and then he can telnet to it from another machine on the
> local subnet that he has ssh'd to from outside?
Umm, no. mooli.org.uk is *my* server, a regular Linux box. It is the remote
user that does not have a ssh client available. So I installed a telnetd in
addition to the sshd that is used by everybody else.
Their system doesn't support interactive remote logins of any kind and is
connected to the Internet through a NAT device so is inaccessible.
And I've just checked and my telnetd is not vulnerable. Most of the scanning
activity is attempted exploits against my sshd anyway.
More information about the rescue
mailing list