09-19-2001
It is very possible that you have been
compromised. First, shut off telnet and ftp!!!
Next, check out:
http://www.cert.org/tech_tips/root_compromise.html
...and following these procedures, you should
be able to determine the level of compromise
(if any). A word of advise... never, never,
never leave telnet or ftp (among other things)
open on a system that is connected to the
internet.
8 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I hope someone can enlighten me on this. A few weeks ago, the root file system my UnixWare 7.1.1 server became corrupt so I ended up doing a full restore of the OS from tape backup.
Since then, after I get about 270 users on the system, the message "telnetd: all network ports in use" is... (1 Reply)
Discussion started by: davekox
1 Replies
2. Cybersecurity
Hi folks. I have a quick question on using "telnetd" vs. "telnetd -a".
OS: AIX 5.x (5.1 through 5.3 ML3)
Some engineers at work want to stop using "telnetd -a" and use "telnetd".
(and of course, if I could get a cogent answer from them, I wouldn't be posting this question...) :mad:
The... (0 Replies)
Discussion started by: davidl9999
0 Replies
3. Solaris
hi mates,
a very important info for all solaris admins, there is a bug in telnetd on nearly every solaris version:
pressy@mp-wst01 # id
uid=100(pressy) gid=1(other)
pressy@mp-wst01 # telnet -l "-froot" 192.168.40.1
Trying 192.168.40.1...
Connected to 192.168.40.1.
Escape character is... (3 Replies)
Discussion started by: pressy
3 Replies
4. Solaris
Hello all,
I've got a problem on a V240 running Solaris 9, the telnet daemon won't start. The error message I get is "telnetd: stdin is not a socket file descriptor." I've never seen this message before and I'm not exactly sure what it means. I know generally what stdin, sockets, and file... (4 Replies)
Discussion started by: ONEX
4 Replies
5. SCO
Ok, here i am in 2008 trying to figure out how to edit the port of Telnetd in sco openserver 4.2.
I googled my butt off and cant seem to find any info. Does anyone have some specific howto's or good documentation on this? (2 Replies)
Discussion started by: j0ntar
2 Replies
6. AIX
Hi,
When a client connected to AIX server by telnet is killed/crashes, is there a way for telnetd to recognize that and close/kill the application linked/started by that telnet session?
We have a situation where clients disconnect because of frequent network outages, this leaves the... (2 Replies)
Discussion started by: mreyaz
2 Replies
7. Cybersecurity
Hi,
I want to ask something about server that has been compromised. Recently, one of my VPS server has been hacked and the attacker install somekind like "IRC" script.
Everytime I killed the process or close the port, it can open again .. and again ..I'm sure the attacker has installed... (14 Replies)
Discussion started by: franx47
14 Replies
8. UNIX for Dummies Questions & Answers
Hi everyone,
I hope I am posting in the right spot and I really need some help. I am going through a horrible divorce and I am afraid that my husband has compromised . He set up my mac computer and router and for my job set up remote access for me. I caught him cheating on me and I think he... (6 Replies)
Discussion started by: kk243665
6 Replies
LEARN ABOUT DEBIAN
ftpstats
FTPSTATS(8) System Manager's Manual FTPSTATS(8)
NAME
ftpstats - FTP Log summarizer
SYNOPSIS
ftpstats [options]
DESCRIPTION
Ftpstats dissects the defined ftp log and reports various statistics as requested. This manual page was written for the Debian GNU/Linux
distribution because the original program does not have a manual page.
OPTIONS
-f filename
Use filename rather than the default /var/log/xferlog
-r Include real users.
-a Include anonymous users.
-h Include report on hourly traffic.
-d Include report on domain traffic.
-t Report on total traffic by section.
-i Report on incoming traffic only (uploads).
-o Report on outgoing traffic only (downloads).
-Ddomain
Report only on traffic from domain This option leads to problems with the local domain: e.g. test.com is encountered under test and
not recognized under com, -D com will give you only stats about com excluding test.com! Use -A com for correct results.
-Aaddress
Report only on traffic from addresses whose end matches address e.g. -A test.domain.com will report on address ending with
test.domain.com
-ldepth
Depth of path detail for sections
-ssection
Section to report on. e.g. -s /pub will report only on paths under /pub
BUGS
No known bugs at this time. If you discover any bugs, please report at http://bugs.proftpd.org/ For help/support, try the ProFTPD mailing
lists, detailed on http://www.proftpd.org/lists.html
SEE ALSO
proftpd(8),proftpd.conf(5),xferlog(5)
AUTHORS
ProFTPD is written and maintained by a number of people, full credits can be found on http://www.proftpd.org/credits.html
CREDITS
This manual page was written by Francesco P. Lovergine <frankie@debian.org> and other Debian developers, for the Debian GNU/Linux system
(but may be used by others).
Please use the most appropriate mailing list listed on http://www.proftpd.org/lists.html for ftpstats related comments.
Debian GNU/Linux October 30, 2002 FTPSTATS(8)