Security ....

Peter Barker pbarker at
Fri Sep 7 16:41:29 EST 2001

On Fri, 7 Sep 2001, Burn Alting wrote:

> A friend mentioned that, on his Solaris 7 system, he noticed an open link 
> from an arbitrary ip address to his lp daemon. Perhaps a security breach? He 
> uses his Solaris 7 box as a gateway to the net (soon to be replaced by a 
> Linux box).

You can tell your friend he has probably been rooted.

There is a root-compromise out ATM for Solaris lpd. Search for information.

> I was wondering how easy it is, given some ip address, to get
> information about it.

"host <ipaddress>"
"traceroute <ipaddress>"
"xmtr <ipaddress>"

> Burn Alting

Peter Barker                          |   N    _--_|\ /---- Barham, Vic 
Programmer,Sysadmin,Geek              | W + E /     /\                
pbarker at         |   S   \_,--?_*<-- Canberra      
You need a bigger hammer.             |             v    [35S, 149E]   
"When used legally and in its intended fashion, the Acrobat eBook Reader
 secures eBooks purchased by locking the eBook to the hardware from which
 it was purchased." -- Adobe press release

More information about the linux mailing list