Subject: Re: the telnet vulnerability - is it actually fixed?
To: David Maxwell <firstname.lastname@example.org>
From: John F. Woods <email@example.com>
Date: 07/26/2001 14:04:41
> 'peer died' messages are generated easily by telnetting and hitting
> Ctrl-D at the login prompt. It either means someone tried to login and
> gave up, or someone was testing your machine.
> In all testing of the exploit that I did, you would see a 'No such file
> or Directory' for any attempted, or successful exploit.
Here's what I saw:
Jul 26 00:09:30 jfwhome telnetd: ttloop: peer died: No such file or directory
Jul 26 00:10:46 jfwhome telnetd: ttloop: peer died: No such file or directory
Jul 26 00:37:57 jfwhome telnetd: ttloop: peer died: No such file or directory
Jul 26 00:39:33 jfwhome telnetd: ttloop: read: Connection reset by peer
Jul 26 01:22:44 jfwhome telnetd: ttloop: peer died: No such file or directory
It certainly looks like the script kiddie community has jumped on this bug
with relish. Before this was announced, that last time I saw that message
was April 17.