Path: utzoo!attcan!uunet!ncrlnk!ncrcae!hubcap!gatech!uflorida!ukma!cwjcc!hal!nic.MR.NET!tank!mimsy!aplcen!aplcomm!trn@warper.jhuapl.edu From: trn@warper.jhuapl.edu (Tony Nardo) Newsgroups: comp.unix.wizards Subject: Re: Internet Virus: SunOS patches Message-ID: <2368@aplcomm.jhuapl.edu> Date: 10 Nov 88 05:35:52 GMT References: <76493@sun.uucp> Sender: news@aplcomm.jhuapl.edu Reply-To: trn%warper.jhuapl.edu@aplvax.jhuapl.edu (Tony Nardo) Organization: Johns Hopkins University/APL (Baltimore, Md.) Lines: 48 In article <76493@sun.uucp> chuq@plaid.Sun.COM (Chuq Von Rospach) writes: >Install the new fingerd as follows: > > % su > # cp in.fingerd /usr/etc/in.fingerd.new > # cd /usr/etc > # mv in.fingerd in.fingerd.orig > # mv in.fingerd.new in.fingerd > # chown root in.fingerd > # chmod 755 in.fingerd If you do this under SunOS 3.*, you will find that the *other* finger bug (which I will happily describe to anyone who E-mails me from "root") still exists. Instead, try the commands % su # cp in.fingerd /usr/etc/in.fingerd.new # cd /usr/etc # mv in.fingerd in.fingerd.orig # mv in.fingerd.new in.fingerd # chown news in.fingerd # chgrp news in.fingerd # chmod 6755 in.fingerd before rebooting. I chose "news" as my harmless user. You can use any sufficiently underpowered user in its place (except "nobody", or any other account with a negative user number). For SunOS 4.0, you can keep the file ownership as "root". Simply modify "inetd.conf" to run "fingerd" from a harmless user's account (again, do not use "nobody") rather than as "root". Tony Nardo P.S. *** DO NOT USE 'r' or 'R' to reply! *** Apologies to those on machines "aplcen" and below, who have now received this message twice. "warper" had a slight problem in sending news... ============================================================================== ARPA: trn%warper@aplvax.jhuapl.edu OR nardo%str.decnet@capsrv.jhuapl.edu BITNET: trn@warper.jhuapl.edu UUCP: {backbone!}mimsy!aplcen!aplcomm!warper!trn USnail: c/o Johns Hopkins University/APL, Room 7-53 Johns Hopkins Road, Laurel, Md. 20707 ==============================================================================