Linux Today: Linux News On Internet Time.
Search Linux Today
search.internet.com
Linux News Sections: Blog - Developer - High Performance - Infrastructure - IT Management - Security - Storage -
Linux Today Navigation
LT Home
Preferences
Contribute
Link to Us
Search
Linux Jobs

Become a Marketplace Partner

internet.commerce
Be a Commerce Partner














The Linux Channel at internet.com
Linux Today
Enterprise Linux Today
Apache Today
JustLinux.com
Linux Planet
PHPBuilder
All Linux Devices
Technology Jobs

JustTechJobs.com

LinuxToday Newsletters
Subscribe News
Subscribe PR
Subscribe Security

internet.com
IT
Developer
Internet News
Small Business
Personal Technology

Search internet.com
Advertise
Corporate Info
Newsletters
Tech Jobs
E-mail Offers

 







Current Newswire:

Installing Ubuntu 9.10

Hands-on: OpenMoko WikiReader is simple, appealing

Perl far from dead, more popular than you think

Microsoft Exchange alternatives

Kubuntu 9.10: A Mixed Bag

Could Microsoft switch to Linux?

Red Hat Virtualization Manager for Windows Only?

Creating Ebooks with Sigil

Editor's Note: Making Multi-Channel Firewire Music With Linux

Amaya: A Simple, Yet Useful Alternative to Dreamweaver




Server Support Specialist I
The Computer Merchant, Ltd
US-OK-Oklahoma City

Justtechjobs.com Post A Job | Post A Resume
:WARNING - TCP Wrappers back door
WARNING - TCP Wrappers back door
Jan 22, 1999, 00 :05 UTC (0 Talkback[s]) (4687 reads)

Wietse Venema posts to BUGTRAQ:

TCP Wrappers is a widely-used security tool to protect UNIX systems against intrusion. In has an estimated installed base of millions.

Today someone replaced the tcp wrapper source on ftp.win.tue.nl by a backdoored version. Eventually this was bound to happen, and that's why the source file is accompanied by a PGP signature. But that is no guarantee against people downloading and installing backdoored software.

The backdoor gives access to a privileged shell when a client connects from port 421.

The backdoored copy was downloaded 52 times between 07:16 MET and 16:29 MET. I have informed the sites that downloaded a copy.

Below are details on how to recognize the backdoored version.

Relevant time stamp/size information (times relative to MET):

Backdoored version: 

    % ls -lcta
    -r--r--r--  1 wswietse    99186 Jan 21 07:16 tcp_wrappers_7.6.tar.gz
    ...
    dr-xr-sr-x  3 wswietse     4096 Apr 11  1998 .

Restored version:

    % ls -lt tcp_wrappers_7.6.tar.gz
    -r--r--r--  1 wswietse    99438 Jan 21 16:29 tcp_wrappers_7.6.tar.gz

The signature of the bad TAR file is: length 99186 instead of 99438.
The signature of a compiled tcpd binary is:

    strings -a tcpd | grep csh

any output probably means trouble.



No talkbacks posted.
  Home | Search Talkbacks | Customize View    Top of Page  



Enter your comments below:

* Your Name:

* Your Email Address:

* Subject:

CC: [will also send this talkback to an E-Mail address]

* Comments:

Tags allowed:<I>,<B> and <U>. See our talkback-policy for more about talkback content.

Fields marked with * are required!






..............................




All times are recorded in UTC.
Linux is a trademark of Linus Torvalds.
Powered by Linux, Apache and PHP

internet.commediabistro.comJusttechjobs.comGraphics.com

Search:

WebMediaBrands Corporate Info

Legal Notices, Licensing, Reprints, Permissions, Privacy Policy.
Advertise | Newsletters | Shopping | E-mail Offers | Freelance Jobs

Solutions

Whitepapers and eBooks

Adobe Article: Adobe Helps PHP Developers Create Rich Internet Applications
Adobe Article: Java Developers Finding a Home at Adobe Flex
IBM Articles: A Smarter Business Needs Smarter Technology
Intel Xeon Processor Increases Server Efficiency and Capabilities
Intel Tech Brief: Automated Energy Efficiency for the Intelligent Enterprise
Oracle Whitepaper: Using Oracle In-Memory Database Cache to Accelerate the Oracle Database
Oracle Whitepapers - Innovation for IT Leaders
Avaya Article: Communication-Enabled Mashups--Empowering Both Business Owners and IT
 Internet.com eBook: IT Manager's Guide to Social Networking
Internet.com eBook: Get Ready for Windows 7
Microsoft Article: Expression Web 3--New Features for PHP Developers
Whitepapers: Manage Your Business Infrastracture with IBM
Whitepaper: Maximize Your Storage Investment with HP
Internet.com eBook: Becoming a Better Project Manager
Microsoft Article: Stress Free and Efficient Designer/Developer Collaboration
MORE WHITEPAPERS, EBOOKS, AND ARTICLES

Webcasts

Webcast: Connecting PHP to Microsoft Technologies
Video: Microsoft Partner Program Benefits
Video: Windows Azure Debugging Tips
SAP BusinessObjects Webcast: Unlock the Power of Reporting with Crystal Reports
 IBM Webcast: Speed Business Innovation with Reduced Cost and Risk
Video: Deploy Applications on Windows Azure
MORE WEBCASTS, PODCASTS, AND VIDEOS

Downloads and eKits

Downloads & Free Trials: Microsoft's New Efficiency Resource Center
Get the Windows 7 SDK
Free Trial: Red Gate SQL Backup Pro 6
 Iron Speed Designer Application Generator
MORE DOWNLOADS, EKITS, AND FREE TRIALS

Tutorials and Demos

Virtual Lab: Migrating PHP Applications
Enabling Web Slices and Accelerators with a PHP Site
Internet.com Hot List: Get the Inside Scoop on the Hottest IT and Developer Products
 All About Botnets
MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES