Re: [Full-Disclosure] Vulnerability in sourceforge.net

From: J.A. Terranson (measl_at_mfn.org)
Date: 07/22/04

  • Next message: Todd Towles: "RE: [Full-Disclosure] Vulnerability in sourceforge.net"
    To: "Gregory A. Gilliss" <ggilliss@netpublishing.com>
    Date: Thu, 22 Jul 2004 16:36:35 -0500 (CDT)
    
    

    On Thu, 22 Jul 2004, Gregory A. Gilliss wrote:

    > Really...FreeBSD comes with user nobody set to /sbin/nologin out of the
    > box.

    And this is bad or related how? I really do not see the connection to
    this default setting (a reasonable one) and an admin's failure to config
    their web server properly.

    > Maybe they should have chosen a better host OS?

    What on earth does the host OS have to do with this?

    > On or about 2004.07.22 07:49:53 +0000, Todd Towles (toddtowles@brookshires.com) said:
    >
    > > Sounds like they should have configured that page a bit different...made it
    > > run under a little less access...or said I say..it is a mis-configuration.

    Exactly! This is host OS independent.

    -- 
    Yours,
    J.A. Terranson
    sysadmin@mfn.org
    0xBD4A95BF
      "...justice is a duty towards those whom you love and those whom you do
      not.  And people's rights will not be harmed if the opponent speaks out
      about them."      Osama Bin Laden
    	- - -
      "There aught to be limits to freedom!"    George Bush
    	- - -
    Which one scares you more?
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
    

  • Next message: Todd Towles: "RE: [Full-Disclosure] Vulnerability in sourceforge.net"

    Relevant Pages

    • Re: [Full-Disclosure] Vulnerability in sourceforge.net
      ... On Thu, 22 Jul 2004, Gregory A. Gilliss wrote: ... Maybe they should have chosen a better host OS? ... Charter: http://lists.netsys.com/full-disclosure-charter.html ...
      (Full-Disclosure)
    • understanding chkrootkit: sshd section
      ... Rhosts Authentication disabled, originating port will not be trusted. ... Secure connection to %.100s on port %hu refused%.100s. ... Warning: Remote host refused compression. ... Received RSA challenge from server. ...
      (comp.security.unix)
    • understanding chkrootkit: sshd section
      ... Rhosts Authentication disabled, originating port will not be trusted. ... Secure connection to %.100s on port %hu refused%.100s. ... Warning: Remote host refused compression. ... Received RSA challenge from server. ...
      (comp.os.linux.security)
    • Re: ICS and FS trouble
      ... >>>client for ms networks, service advertising protocol, file and printer ... >>>execept that the MS beta AntiSpyware connects to the internet and recognises ... >> Microsoft doesn't support changing the ICS host computer's LAN ... >> Internet connection has a 192.168.0.x address that can't be changed to ...
      (microsoft.public.windowsxp.network_web)
    • Re: understanding chkrootkit: sshd section
      ... Connection will not be encrypted. ... > Rhosts Authentication disabled, originating port will not be trusted. ... > Could not request local forwarding. ... Remote host failed or refused to allocate a pseudo tty. ...
      (comp.os.linux.security)