[Full-disclosure] Re: reduction of brute force login attempts viaSSHthrough iptables --hashlimit

From: "Dave Korn" <davek_throwaway@xxxxxxxxxxx>
Date: Fri, 3 Mar 2006 15:59:23 -0000

GroundZero Security wrote:

Oh well...as i said its a QUICK script
and not a PERFECT solution to the problem.

The fact that you threw together this booby-trap in a few minutes does not
get you off the hook for the fact that it is a booby trap that you were
offering to other people. Given that the script is a deadly threat to
anyone's security who runs it, offering it around to them just is NOT "being
helpful" or "better than nothing". Remember, anyone who doesn't run this
script has no problem worse than annoying noise in their log files. Your
script solves the problem of annoying noise in the logs at the expense of
opening a massive remote execution vulnerability. That is NOT a worthwhile
tradeoff EVER.

I made it for personal
use originally and it does its job..sofar i NEVER had problems with
it and usually
an attacker wont know you run it (i know thats not an execuse).

HEY EVERYONE! SK IS RUNNING A VULNERABLE SCRIPT ON HIS BOX! LAST ONE TO
PWN HIM IS A SUXXOR!

cheers,
DaveK
--
Can't think of a witty .sigline today....

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Re: reduction of brute force login attemptsviaSSHthrough iptables --hashlimit
  - From: GroundZero Security

References:
- [Full-disclosure] reduction of brute force login attempts via SSH through iptables --hashlimit
  - From: Jay Libove
- Re: [Full-disclosure] reduction of brute force login attempts via SSH through iptables --hashlimit
  - From: GroundZero Security
- Re: [Full-disclosure] reduction of brute force login attempts via SSH through iptables --hashlimit
  - From: nocfed
- Re: [Full-disclosure] reduction of brute force login attempts via SSHthrough iptables --hashlimit
  - From: GroundZero Security

Prev by Date: [Full-disclosure] Re: Arin.net XSS
Next by Date: RE: [Full-disclosure] Re: Arin.net XSS
Previous by thread: Re: [Full-disclosure] reduction of brute force login attempts via SSHthrough iptables --hashlimit
Next by thread: Re: [Full-disclosure] Re: reduction of brute force login attemptsviaSSHthrough iptables --hashlimit
Index(es):
- Date
- Thread

Relevant Pages

Re: Recording AD Logons to SQL Database
... and from what pc by running the code below in my login script. ... ' Specify SQL Server, Instance name, and database. ... on demand to combine them into a single csv file. ... intervention is required in order to keep the log files to a reasonable size ...
(microsoft.public.windows.server.scripting)
Re: [Info-Ingres] Setting up Ingres Security Auditing for query_text
... of a shell script to archive the audit files, ... refusing to restart if there is a problem in the log files. ... Register into a normal database, ... Set the audit files to be small to test file "switching". ...
(comp.databases.ingres)
Re: VBScript cant read NTBackup log files
... Even though the log files appear to be text files, my script returns the same three garbage characters from every NTBackup log file. ...
(microsoft.public.windows.server.scripting)
Re: Size of wtmp files
... for logrotate to configure it the way you want. ... > a script to run 'last' repeatedly on zcatted versions of the rotated files, ... an attacker has full reign to edit the log files with impunity. ...
(comp.os.linux.misc)
REQ: Raw log file generator script
... I mean that I want to create log files that will contain ALL POSSIBLE ... spend, entry and exit page, browser type and version, operating system, ... Unless somebody can send me a better script to create log files. ... that does not give me the raw log data. ...
(alt.php)