Consider the following... Almost 99% of ftpd's installed around the net enable anonymous logins to d/l the /etc/passwd file. Just get the file and re-code the login source (VERY simple) to try all combinations on the root password from the file you just d/l on YOUR OWN MACHINE - result: A. MUCH MUCH faster then doing it on the actual target machine. B. Completely safe - everything is done on your machine - I.E. no logging is done anywhere!!!! -------------------------------------------------------------------------- - | | - Ze'ev Maor | "We all have a little Daemon inside... | - gmaor@tx.technion.ac.il | ...Waiting to come out and become a kernel"| - | | -------------------------------------------------------------------------- On Tue, 4 Jun 1996, *Hobbit* wrote: > Pop3 isn't the only thing with that problem. Stock rexec, for example, never > logs anything and is another good way to hammer on password guesses from the > outside. [See "rservice.c" to make this easier...] Several other daemons, > particularly the vendor-supplied variety, are similarly lame. That's what tcp > wrappers and logdaemon are for.. > > _H* >