Re: !SPAM! [Full-Disclosure] Automated ssh scanning

From: Jan Luehr (jluehr_at_gmx.net)
Date: 08/26/04

  • Next message: Ron DuFresne: "RE: !SPAM! [Full-Disclosure] Automated ssh scanning"
    To: full-disclosure@lists.netsys.com
    Date: Thu, 26 Aug 2004 21:50:15 +0200
    
    

    Greetings,

    Am Donnerstag, 26. August 2004 19:44 schrieb Richard Verwayen:
    > On Thu, 2004-08-26 at 18:36, Tremaine wrote:
    > > On Thu, 26 Aug 2004 09:43:13 -0500 (CDT), Ron DuFresne
    > >
    > > <dufresne@winternet.com> wrote:
    > > > On Thu, 26 Aug 2004, Richard Verwayen wrote:
    > > > > On Thu, 2004-08-26 at 15:12, Todd Towles wrote:
    > > > > > The kernel could be save. But with weak passwords, you are toast.
    > > > > > Any automated tool would test guest/guest.
    > > > >
    > > > > Hello Todd!
    > > > >
    > > > > You are right about the passwords, but guest is only a unprivileged
    > > > > account as you may have on many prodruction machines. But they
    > > > > managed to become root on this machine due to a kernel(?) exploit!
    > > > > Should I then consider any woody system to be insecure to let people
    > > > > work at?
    > > >
    > > > If your uasers are not trustable, then they should not have access to
    > > > local systems of yours. Once a person has a shell, then they are 95%
    > > > to root.
    > > >
    > > > Thanks,
    > > >
    > > > Ron DuFresne
    > >
    > > Fair point... but it would still be nice to determine precisely how
    > > they are getting root access so preventative measures can be taken and
    > > the hole plugged.
    >
    > Some more infos maybe useful:

    Hail to OpenBSD or what? Are you refering to a fully patched Woody?

    Keep smiling
    yanosz

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Ron DuFresne: "RE: !SPAM! [Full-Disclosure] Automated ssh scanning"