Security Incidents mailing list archives
Re: Rooted through in.identd on Red Hat 6.0
From: brett () LARIAT ORG (Brett Glass)
Date: Thu, 20 Apr 2000 14:04:38 -0600
At 07:58 AM 4/20/2000 , Erich Meier wrote:
Could it be, that this ftp connection caused an identd lookup done by the ftpd at 200.192.58.201?
Yes. And doesn't the infamous WU-FTPD with a known buffer overrun do an automatic ident on incoming control connections? --Brett
Current thread:
- I am popular today..., (continued)
- I am popular today... Dirk Koopman (Apr 28)
- Re: I am popular today... Ryan Sweat (Apr 28)
- Analysis: AboveNet attacks Robert Graham (Apr 28)
- Re: I am popular today... Ville (Apr 29)
- Lots netbios scans (udp 137) Russell Fulton (Apr 30)
- High port UDP probe? Damian Gerow (Apr 25)
- Re: High port UDP probe? Mark Rowe (Apr 26)
- Lots of scan on port 9520 Erick Perez (Apr 25)
- possible bind worm? Roelof Temmingh (Apr 25)
- Re: Rooted through in.identd on Red Hat 6.0 Erich Meier (Apr 20)
- Re: Rooted through in.identd on Red Hat 6.0 Brett Glass (Apr 20)
- Tools to analyze "captured" binaries? -Reply Network Security (Apr 20)
- Re: Tools to analyze "captured" binaries? -Reply Ex Machina (Apr 22)
- Port 137 scans on the rise Bryan Andersen (Apr 20)
- Re: Port 137 scans on the rise horio shoichi (Apr 22)