On Thu, 21 Aug 2003, Sam MacDonald wrote:

> Wow that is nasty.
> I have DSL and I use a Linksys router. I hid behind the router using 
> only the ports necessary to achieve my needs.  Everyone in the house has 
> access to the internet but only the ports I need are enabled to receive 
> or send data.  I've run several port scanners against my system form 
> other locations and have had very good results.

indeed, but did you check for vulnerabilities?

you said you were using redhat 6.2, which did not include openssh, so you 
probably had to connect to it using telnet. telnet sends your password 
over the wire in plain text and anyone can sniff it. Same goes for ftp.

additionally, redhat 6.2 has been out of support for a while, so even if 
you installed all the latest patches from redhat, you would still have 
vulnerabilities.

redhat 6.2 also used wu-ftpd. nuff said.

was this system behind the firewall? if so then i would consider each and 
every one of your other systems suspect as well.

Munir Nassar
RedConcepts.NET
http://redconcepts.net/

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list