Buffer overflow attack ?
Spiros Bolis
sbolis at freemail.gr
Sun Aug 29 16:30:43 EEST 1999
At 02:35 ìì 29/8/1999 , you wrote:
>Gia apache 1.3.6 pithanon ontws na sou ekanan buffer overflow opws epishs
>kai an xrhsimopoieis netscape server pou exoun "100% problem.
Sketo Apache 1.3.6 apo RPMs .
>Oso gia to an
>petyxe to stoxo tou , tha mas bohthouses perissotero an ekanes ena
>netstat -a |grep LISTEN gia na doume an yparxei kapoio open port created
Ta mona poy den 3erw einai ta services stis portes 1000toso poy einai
non-priviledged bebaia, alla eimai mesa me telnet, trexei kai o web server
opote isws einai kapoio port forwarding. To 1004 me anhsyxei ligo [to 6000
einai kapoio ODBC-sxetiko h h MySQL , de thymamai sigoyra]
% > netstat -a | grep LISTEN
tcp 0 0
*:1039 *:* LISTEN
tcp 0 0
*:1038 *:* LISTEN
tcp 0 0
*:1037 *:* LISTEN
tcp 0 0
*:1036 *:* LISTEN
tcp 0 0
*:1035 *:* LISTEN
tcp 0 0
*:1034 *:* LISTEN
tcp 0 0
*:1025 *:* LISTEN
tcp 0 0
*:6000 *:* LISTEN
tcp 0 0
*:nntp *:* LISTEN
tcp 0 0
*:netbios-ssn *:* LISTEN
tcp 0 0
*:mysql *:* LISTEN
tcp 0 0
*:www *:* LISTEN
tcp 0 0
*:smtp *:* LISTEN
tcp 0 0
*:1004 *:* LISTEN
tcp 0 0
*:printer *:* LISTEN
tcp 0 0
*:ssh *:* LISTEN
tcp 0 0
*:domain *:* LISTEN
tcp 0 0
*:linuxconf *:* LISTEN
tcp 0 0
*:auth *:* LISTEN
tcp 0 0
*:finger *:* LISTEN
tcp 0 0
*:poppassd *:* LISTEN
tcp 0 0
*:pop-3 *:* LISTEN
tcp 0 0
*:login *:* LISTEN
tcp 0 0
*:shell *:* LISTEN
tcp 0 0
*:telnet *:* LISTEN
tcp 0 0
*:ftp *:* LISTEN
unix 0 [ ACC ] STREAM LISTENING 1045 /tmp/.X11-unix/X0
unix 0 [ ACC ] STREAM LISTENING 800 /tmp/.font-unix/fs-1
unix 0 [ ACC
] STREAM LISTENING 776 /var/lib/mysql/mysql.sock
unix 0 [ ACC ] STREAM LISTENING 587 /dev/printer
unix 0 [ ACC ] STREAM LISTENING 1071 /tmp/.ICE-unix/708
unix 0 [ ACC ] STREAM LISTENING 73684 /dev/log
unix 0 [ ACC ] STREAM LISTENING 900 /var/run/news/nntpin
>meta to attack h koitaxe epishs mhpws exoun peiraxtei login,telnetd kai
>alloi daemons (Use tripwire kanei douleia)
Eida ligo ta RPMs kai de moy fanhke tipota peiragmeno. Twra fysika den exei
nohma na balw to tripwire giati den eixw checksums apo prin. Ta logs (last,
daemons k.o.k) poy eida den exoyn tipota periergo alla fysika borei na
exoyn alloiwthei. (Twra ektimw thn odhgia toy tripwire poy leei "krata th
database se safe medium px. disketa")
>Auta gia perissotera infos me personal e-mail....
>Euxaristw
>
>Reply on : Cyberia at hack.gr
O,ti idees exeis poly eyxaristws tha ithela na tis diabasw alla apo th
stigmh poy esteila mail sth lista isws endiaferei kai ta alla paidia opote
protimhsa na apanthsw sth lista
kai.....egw eyxaristw :-) ,
Spiros D. Bolis
--
====================================================================
Gia boithia (h na diagrafhte) e-mail sto majordomo at hellug.gr
Ta archives tis listas einai sto http://lists.hellug.gr/archives
prin steilete kapoia erothsh psakte mipos exei hdh apanththei.
Gia opoiodipote problima stilte e-mail ston owner-linux-greek-users at hellug.gr
====================================================================
More information about the Linux-greek-users
mailing list