Re: chkrootkit reporting sshd vulnerable?

From: Doctor Zen (hidden@from.spammers.net)
Date: 12/29/01


From: Doctor Zen <hidden@from.spammers.net>
Date: Sat, 29 Dec 2001 14:55:13 +0000

nickd@nospam.demon.co.uk wrote:

> Richard E. Silverman <slade@shore.net> wrote:
>>>>>>> "DZ" == Doctor Zen <hidden@from.spammers.net> writes:
>>
>> DZ> ssh 3.0.1 (commercial) and chkrootkit v0.33 When I run chkrootkit
>> DZ> locally it reports sshd not vulnerable, but when I ssh into the
>> DZ> box and then run chkrootkit on it in the shell I get "sshd
>> DZ> vulnerable but disabled".

> Chkrootkit only works locally, worth two minutes of your time Mr.
> Silverman

Ah, that looks like the answer! Thanks everyone.

doc



Relevant Pages

  • Re: Is SSH worth it??
    ... In general, I would say, yes, it's worth it. ... expensive and complicated to set up than ssh. ... "We have 10 users accessing the servers through a switched LAN. ... I'm not sure why going from rsh to ssh would be a hassle. ...
    (Security-Basics)
  • RE: Is SSH worth it??
    ... switch networks is not a protection against it. ... ettercap is the first software capable to sniff an SSH ... Subject: Is SSH worth it?? ... are there no hubs in this entire network? ...
    (Security-Basics)
  • Re: Limit to processes
    ... > You did try to login remote, via ssh? ... thats maybe worth a try. ... or/and work on those progs that shouldn't happen. ...
    (comp.os.linux.misc)
  • Re: Usenet software for Windows Mobile/PPC?
    ... I actually use slrn over ssh, but as a stand-alone I have ... It's not free but it's worth the money, ...
    (news.software.readers)
  • Re: Package to block random SSH login attempts?
    ... A script like chkrootkit which ... search for the signature of a past ssh attack. ... A simple reference in the doc of ssh could alarm lots of people. ... Might not want to use your canonical email address though! ...
    (Debian-User)