Sean McLinden wrote: > > >[Description of mailing a script to a shell on sendmail-based systems deleted.] I like the built-in socks part. Cute. Perhaps the next version of socks should provide some sort of encrypted token exchange to allow only 'approved' clients to connect, even from inside your bastion host... > This "sort of attack" was the basis for the Morris Internet Worm which > attracted (inter)national attention a few years back (I always preferred > the term "Trojan Horse") Um, I thought the sendmail hole the the Morris worm used was the infamous 'wizard' mode, where you telnetted into the sendmail port and typed 'wizard'. Then sendmail just asked for a password and if you provided it, dropped you in to a root shell. -- ericm ericm@microunity.com