Watching your own back
Home ] Secret Logging ] Stealth Engines ] The Text Sniffer Patent Owned by the US ] The Sandpebbles Analysis ] The Entennman CC Recipe ] Jewish Geography ] The Secrets Of Hebrew Letters ] Lomdus Curio ] LANGUAGE WATCH ] Jewish Roots in Languages ] Yemenite Recovered ] Jewish Names ] Beer and Bread ] Win Crashing ] Techie Poetry ] Anti-Israel US Congressmen ] [ Watching your own back ] Jacob's Sheep ] Common and Folk Names of Chemicals ] The Yoshke Graffitti Debunked ] Hiding from the CTRL ]

 

 

Watching your own back
is easy
without any downloads:

Use of TFTP (Trivial File Transfer Protocol) to obtain password files

To test your system for this vulnerability, connect to your system using tftp and try

get /etc/motd

If you can do this, anyone else on the network can probably get your password file. To avoid the problem, disable tftpd. If you must have tftpd, ensure that it is configured with restricted access. 

Vulnerabilities in sendmail

There have been a number of vulnerabilities identified over the years in sendmail(8). To the best of our knowledge, the current version of sendmail addresses those known vulnerabilities.
To determine which version of sendmail is running, use telnet to connect to the SMTP port (25) on your system:

telnet <your hostname> 25

To quickly check for an IRC bot/ malicious server:

- type the following command at an MS-DOS Prompt:

netstat -an | find ":6667"

The following is not good:

TCP 192.168.1.101:1026 70.13.215.89:6667 ESTABLISHED

To quickly check for an Ident server:

- type the following command at an MS-DOS Prompt:

netstat -an | find ":113 "

The following is not good:

TCP 0.0.0.0:113 0.0.0.0:0 LISTENING

:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

Find out any suspicious port numbers, and check yourself by plugging one of the numbers into the command string, just like above:

netstat -an | find ":SUSPICIOUS PORT NUMBER"