Hosting Provided By

Re: Openbsd 3.2 wtmp delay and named backdoor

From: f.johan.beisser <jan(at)caustic.org>
Date: Mon Jan 20 2003 - 16:21:53 EST

On 15 Jan 2003, Eric Weaver wrote:

> The only known vulnerability on this box is Named. Openbsd 3.2 named has a

mitigated is not the same as "non-existant."

> My observation is that there may be a way out of the jail through the

you can, if you want, run a chroot'd named with only local logging. the use of a unix socket to talk to syslog is for convienence (i do use it, even on my chrooted named process).

-------/ f. johan beisser /--------------------------------------+
  
http://caustic.org/~jan                      
jan(at)caustic.org
	"Champagne for my real friends, real pain for
	  my sham friends." -- Tom Waits


----------------------------------------------------------------------------

This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com Received on Thu Jan 23 13:23:51 2003

This message: [ Message body ]
Next message: H C: "Re: Odd Shares showing up on workstations"
Previous message: Valdis.Kletnieks(at)vt.edu: "Re: Openbsd 3.2 wtmp delay and named backdoor"
In reply to Eric Weaver: "Openbsd 3.2 wtmp delay and named backdoor"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:56 EDT