Re: [Full-Disclosure] Automated ssh scanning
From: Richard Verwayen (holle_at_ackw.de)
To: FD <firstname.lastname@example.org> Date: Thu, 26 Aug 2004 09:15:02 +0200
On Thu, 2004-08-26 at 03:26, Henrik Persson wrote:
> On Thu, 2004-08-26 at 00:32, Richard Verwayen wrote:
> > Hello list!
> > A few weeks ago there was a discussion about automated ssh scanning with
> > user/password combinations like guest/guest or admin/admin.
> > I set up a debian woody fully patched with both accounts activated, and
> > got rooted some days later...
> Uhm. How do you mean, "fully patched"? What kernel were you running?
I am relying on the debian software distribution system, so it was there
latest stable kernel-source for woody. So it was the latest debianised
2.4.19. Shouldn't I believe it secured against these exploits?
Full-Disclosure - We believe in it.