GNU FTP server compromised

Don Smith dss-lfs at cfl.rr.com
Thu Aug 14 11:03:15 PDT 2003


Lukas Gruber wrote:

> On Thu, 14 Aug 2003 12:47:18 -0400
> Jason Gurtz <jason at tommyk.com> wrote:
> 
>>I wonder what ftp server they use.  For a time at least, I believe
>>they were using wuftpd :{
> 
> proftpd says they are running proftpd.
> but i dont if this is correct.
> http://proftpd.linux.co.uk/sites.html
> 

Be careful not to confuse the ftp server *host* with the ftp server 
*program*. It was the host that was compromised through a local user 
login. The warning was just in case the cracker put a trojan horse into 
the packages on the server, which he appears to have not done.




More information about the lfs-security mailing list