Thanks!
Just like before, the problem is gone by itself. I will definitely take
your advice. Thanks again.
Li
>From: Frederic Herman <[EMAIL PROTECTED]>
>Reply-To: [EMAIL PROTECTED]
>To: [EMAIL PROTECTED]
>Subject: Re: ttloop: peer died:
>Date: Sat, 29 Jan 2000 19:56:15 -0700
>
>He may have broken in, then covered his tracks. In that case, he
>probably now have a backdoor into your machine. If your telnet is
>changed, which is likely in a break in, that might explain your
>inability to telnet. You should really determine if this is the case.
>Check to see if you have locked yourself out by examining the
>/etc/hosts.allow and /etc/hosts.deny files, assuming you aren't set up
>with a firewall.
>
>Edit your /etc/inetd.conf file to disable any service you don't actually
>need. You need auth, and it sounds like you want telnet. Comment out
>any line you don't have to have enabled. I think you can use linuxconf
>to turn off what you don't need.
>
>I would also recommend installing tripwire to detect changed files for
>the future and portsentry to detect and block port scanners.
>
>Good luck,
>
>Fred
>
>
>RedHat's site and their mirrors provide all the updates for these
>security holes. Start with:
>
>http://www.redhat.com/support/errata/
>
>
>
>mi na wrote:
> >
> > Hi Frederic herman,
> >
> > Thanks for your quick response!
> >
> > I am using hosts.allow, and hosts.deny to restrict people access that
>box.
> > If the hacker didn't not break in, why i can not telnet to that box.
> >
> > PS: Where i can get the latest patchs for named, telnet, and wu-ftp?
> >
> > Thanks again!
> >
> > Li
> >
> > >From: Frederic Herman <[EMAIL PROTECTED]>
> > >Reply-To: [EMAIL PROTECTED]
> > >To: [EMAIL PROTECTED]
> > >Subject: Re: ttloop: peer died:
> > >Date: Sat, 29 Jan 2000 11:42:41 -0700
> > >
> > >BTW, make sure your patches are up to date. Especially named, telnet
> > >and wu-ftp.
> > >
> > >The hacker was trying to break in.
> > >
> > >
> > >Frederic Herman wrote:
> > > >
> > > > Hacker attempted to telnet and failed. Check log file secure for
>the
> > > > event as well as messages log file. If you find a message with the
>ip,
> > > > traceroute it and report the event to the isp upstream from the ip.
> > > >
> > > > Fred
> > > >
> > > > mi na wrote:
> > > > >
> > > > > Hi All,
> > > > >
> > > > > I have a linux (redhat 5.2) box, no one can telnet to this box
>since
> > > > > yesterday, and here is the log message:
> > > > > "telnetd[467]: ttloop: peer died: Invalid or incomplete multibyte
>or
> > >wide
> > > > > character"
> > > > >
> > > > > Is this a some kind of Virus?
> > > > >
> > > > > Pls help, thanks!
> > > > >
> > > > > Li
> > > > > ______________________________________________________
> > > > > Get Your Private, Free Email at http://www.hotmail.com
> > > > >
> > > > > --
> > > > > To unsubscribe: mail [EMAIL PROTECTED] with
>"unsubscribe"
> > > > > as the Subject.
> > > >
> > > > --
> > > > To unsubscribe: mail [EMAIL PROTECTED] with
>"unsubscribe"
> > > > as the Subject.
> > >
> > >
> > >--
> > >To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> > >as the Subject.
> > >
> >
> > ______________________________________________________
> > Get Your Private, Free Email at http://www.hotmail.com
> >
> > --
> > To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> > as the Subject.
>
>
>--
>To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
>as the Subject.
>
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
