Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default

From: Mario Vilas <mvilas@xxxxxxxxx>
Date: Thu, 17 Nov 2011 18:50:12 +0100

The guest account has no password, but it's not possible to login remotely
with ssh.

On Thu, Nov 17, 2011 at 5:28 PM, Dave <mrx@xxxxxxxxxxxxxxxxxxx> wrote:

Hi,

What is the password for this guest account?
Is the password random generated?

Is remote access of any kind enabled by default for this guest account?

In what way is the guest account different from any of the half dozen or
so other accounts(with the obvious exception of access rights)
created during a default Ubuntu install?

How insecure is it really?

I am not an Ubuntu expert so these are genuine questions, I am far to busy
to research this at this time so I ask these questions in the hope
than an Ubuntu Guru comes forth and either allays all my/your/our fears(if
they exist) or scares me/us into action.

regards
Dave

--
“There's a reason we separate military and the police: one fights the enemy
of the state, the other serves and protects the people. When the military
becomes both, then the enemies of the state tend to become the people.”
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
  - From: James Condron
- Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
  - From: Valdis . Kletnieks
- Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
  - From: Cody Robertson

References:
- [Full-disclosure] Ubuntu 11.10 now unsecure by default
  - From: Olivier
- Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
  - From: Dave

Prev by Date: [Full-disclosure] US general: 'We're cleared to cyber-bomb enemy hackers'
Next by Date: Re: [Full-disclosure] US general: 'We're cleared to cyber-bomb enemy hackers'
Previous by thread: Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
Next by thread: Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
Index(es):
- Date
- Thread

Relevant Pages

Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
... Is remote access of any kind enabled by default for this guest account? ... I am not an Ubuntu expert so these are genuine questions, I am far to busy to research this at this time so I ask these questions in the hope ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)
Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
... Backdoors in ubuntu are now called features: ... Unfortunately remote SSH connection are not allowed, I suggest guest account to be silently add in /etc/shadow for 12.04. ... Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ ...
(Full-Disclosure)
Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
... Is the password random generated? ... Is remote access of any kind enabled by default for this guest ... In what way is the guest account different from any of the half ... I am not an Ubuntu expert so these are genuine questions, ...
(Full-Disclosure)
Re: Users without a password?
... an unprivileged guest account that can't really do anything on the ... That is the main risk. ... require local login access to the machine. ... If remote access is not allowed and you have an adequate ...
(Ubuntu)