[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Hacked RAQ3 port 514???

Subject: [cobalt-users] Hacked RAQ3 port 514???
From: John M Troher <admin@xxxxxxxx>
Date: Mon Feb 26 10:01:04 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

I have a Raq3 that was hacked sometime ago that has sites on it with SSL
that I have not moved yet.

I am portscanning that machine to see what is listening. I see the shell
service
listening to port 514 but can not telnet to it, as it disconnects me right
away.

Is that port normal?

Also the server will not accept any usernames and passwords on the normal
telnet port or at the console.

Any ideas on how to get into this box and clean it up? Bind has been
disabled.

Follow-Ups:
- Re: [cobalt-users] Hacked RAQ3 port 514???
  - From: Roger Dunk

Prev by Date: Re: [cobalt-users] How to install Php on my Raq3?
Next by Date: Re: [cobalt-users] Recent Hacks
Previous by thread: [cobalt-users] [RAQ4] Problem Mail Originating Locally when domain MXd elsewhere
Next by thread: Re: [cobalt-users] Hacked RAQ3 port 514???

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index