09-19-2001
It is very possible that you have been
compromised. First, shut off telnet and ftp!!!
Next, check out:
http://www.cert.org/tech_tips/root_compromise.html
...and following these procedures, you should
be able to determine the level of compromise
(if any). A word of advise... never, never,
never leave telnet or ftp (among other things)
open on a system that is connected to the
internet.
8 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I hope someone can enlighten me on this. A few weeks ago, the root file system my UnixWare 7.1.1 server became corrupt so I ended up doing a full restore of the OS from tape backup.
Since then, after I get about 270 users on the system, the message "telnetd: all network ports in use" is... (1 Reply)
Discussion started by: davekox
1 Replies
2. Cybersecurity
Hi folks. I have a quick question on using "telnetd" vs. "telnetd -a".
OS: AIX 5.x (5.1 through 5.3 ML3)
Some engineers at work want to stop using "telnetd -a" and use "telnetd".
(and of course, if I could get a cogent answer from them, I wouldn't be posting this question...) :mad:
The... (0 Replies)
Discussion started by: davidl9999
0 Replies
3. Solaris
hi mates,
a very important info for all solaris admins, there is a bug in telnetd on nearly every solaris version:
pressy@mp-wst01 # id
uid=100(pressy) gid=1(other)
pressy@mp-wst01 # telnet -l "-froot" 192.168.40.1
Trying 192.168.40.1...
Connected to 192.168.40.1.
Escape character is... (3 Replies)
Discussion started by: pressy
3 Replies
4. Solaris
Hello all,
I've got a problem on a V240 running Solaris 9, the telnet daemon won't start. The error message I get is "telnetd: stdin is not a socket file descriptor." I've never seen this message before and I'm not exactly sure what it means. I know generally what stdin, sockets, and file... (4 Replies)
Discussion started by: ONEX
4 Replies
5. SCO
Ok, here i am in 2008 trying to figure out how to edit the port of Telnetd in sco openserver 4.2.
I googled my butt off and cant seem to find any info. Does anyone have some specific howto's or good documentation on this? (2 Replies)
Discussion started by: j0ntar
2 Replies
6. AIX
Hi,
When a client connected to AIX server by telnet is killed/crashes, is there a way for telnetd to recognize that and close/kill the application linked/started by that telnet session?
We have a situation where clients disconnect because of frequent network outages, this leaves the... (2 Replies)
Discussion started by: mreyaz
2 Replies
7. Cybersecurity
Hi,
I want to ask something about server that has been compromised. Recently, one of my VPS server has been hacked and the attacker install somekind like "IRC" script.
Everytime I killed the process or close the port, it can open again .. and again ..I'm sure the attacker has installed... (14 Replies)
Discussion started by: franx47
14 Replies
8. UNIX for Dummies Questions & Answers
Hi everyone,
I hope I am posting in the right spot and I really need some help. I am going through a horrible divorce and I am afraid that my husband has compromised . He set up my mac computer and router and for my job set up remote access for me. I caught him cheating on me and I think he... (6 Replies)
Discussion started by: kk243665
6 Replies
LEARN ABOUT CENTOS
ftpusers
FTPUSERS(5) Linux Programmer's Manual FTPUSERS(5)
NAME
ftpusers - list of users that may not log in via the FTP daemon
DESCRIPTION
The text file ftpusers contains a list of users that may not log in using the File Transfer Protocol (FTP) server daemon. This file is
used not merely for system administration purposes but for improving security within a TCP/IP networked environment. It will typically
contain a list of the users that either have no business using ftp or have too many privileges to be allowed to log in through the FTP
server daemon. Such users usually include root, daemon, bin, uucp, and news. If your FTP server daemon doesn't use ftpusers then it is
suggested that you read its documentation to find out how to block access for certain users. Washington University FTP server Daemon
(wuftpd) and Professional FTP Daemon (proftpd) are known to make use of ftpusers.
Format
The format of ftpusers is very simple. There is one account name (or username) per line. Lines starting with a # are ignored.
FILES
/etc/ftpusers
SEE ALSO
passwd(5), proftpd(8), wuftpd(8)
COLOPHON
This page is part of release 3.53 of the Linux man-pages project. A description of the project, and information about reporting bugs, can
be found at http://www.kernel.org/doc/man-pages/.
Linux 2000-08-27 FTPUSERS(5)