Re: chkrootkit reporting sshd vulnerable?

From: Richard E. Silverman (slade@shore.net)
Date: 12/28/01


From: slade@shore.net (Richard E. Silverman)
Date: 28 Dec 2001 15:59:07 -0500


>>>>> "DZ" == Doctor Zen <hidden@from.spammers.net> writes:

    DZ> ssh 3.0.1 (commercial) and chkrootkit v0.33 When I run chkrootkit
    DZ> locally it reports sshd not vulnerable, but when I ssh into the
    DZ> box and then run chkrootkit on it in the shell I get "sshd
    DZ> vulnerable but disabled".

This is a little confusing. When you say "locally," I think you actually
mean remotely -- that is, on "the box" in question from elsewhere,
examining its open network ports.

Anyway, I don't know anything about chkrootkit, but this makes sense.
Assuming it is referring to a vulnerability in sshd1, when scanning the
box remotely, the tool can only see that protocol 1 is disabled, and so
reports that the host is not vulnerable. Running it on the host, however,
it can see that sshd1 is installed, but not available, and so it reports
that.

-- 
  Richard Silverman
  slade@shore.net
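
Added example, not part of the original message and not chkrootkit's own logic: a sketch of why the remote and on-host views described above can disagree. It reads the SSH identification string (RFC 4253, section 4.2) to see which protocol versions a server advertises, then combines that with a local fact. The function names, verdict strings, banners and the `sshd1_installed` flag are all assumptions made for illustration.

```python
import re

# Identification string: SSH-protoversion-softwareversion SP comments CR LF
BANNER_RE = re.compile(r"^SSH-(\d+)\.(\d+)-(\S+)(?: (.*))?$")


def offered_protocols(banner):
    """Return the SSH protocol major versions a server banner advertises."""
    m = BANNER_RE.match(banner.rstrip("\r\n"))
    if not m:
        raise ValueError("not an SSH identification string: %r" % banner)
    major, minor = int(m.group(1)), int(m.group(2))
    if (major, minor) == (1, 99):
        return {1, 2}  # 1.99: protocol 2 server that also accepts protocol 1
    if major in (1, 2):
        return {major}
    raise ValueError("unknown protocol version %d.%d" % (major, minor))


def remote_view(banner):
    """What a network-only check can say: is protocol 1 offered or not."""
    if 1 in offered_protocols(banner):
        return "protocol 1 offered"
    return "protocol 1 not offered"


def local_view(banner, sshd1_installed):
    """What an on-host check can add: a v1 daemon may exist but be unreachable.

    sshd1_installed is a hypothetical input standing in for whatever local
    inspection (for example, finding the binary on disk) a tool performs.
    """
    if 1 in offered_protocols(banner):
        return "protocol 1 offered"
    if sshd1_installed:
        return "protocol 1 installed but not offered"
    return "protocol 1 absent"


if __name__ == "__main__":
    # Constructed banners, not captured from any real host.
    for banner in ("SSH-2.0-ExampleServer_3.0.1 constructed\r\n",
                   "SSH-1.99-ExampleServer constructed\r\n",
                   "SSH-1.5-ExampleServer\r\n"):
        print(banner.strip(), "|", remote_view(banner),
              "|", local_view(banner, sshd1_installed=True))
```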


