Re: chkrootkit reporting sshd vulnerable?
From: Richard E. Silverman (slade@shore.net)Date: 12/29/01
- Previous message: Doctor Zen: "Re: chkrootkit reporting sshd vulnerable?"
- In reply to: Doctor Zen: "Re: chkrootkit reporting sshd vulnerable?"
- Next in thread: Doctor Zen: "Re: chkrootkit reporting sshd vulnerable?"
- Next in thread: Henri Karrenbeld: "Re: chkrootkit reporting sshd vulnerable?"
- Reply: Doctor Zen: "Re: chkrootkit reporting sshd vulnerable?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: slade@shore.net (Richard E. Silverman) Date: 29 Dec 2001 10:22:50 -0500
>>>>> "DZ" == Doctor Zen <hidden@from.spammers.net> writes:
DZ> ssh 3.0.1 (commercial) and chkrootkit v0.33 When I run chkrootkit
DZ> locally it reports sshd not vulnerable, but when I ssh into the
DZ> box and then run chkrootkit on it in the shell I get "sshd
DZ> vulnerable but disabled".
>> This is a little confusing. When you say "locally," I think you
>> actually mean remotely -- that is on "the box" in question from
>> elsewhere, examining its open network ports.
DZ> No, "locally" means sitting at the keyboard with the box in front
DZ> of me.
Oh -- you meant you get different results depending on whether you log in
on the console, versus logging via SSH and running the same tool? I would
say in both cases you're running chkrootkit "locally." Whatever.
-- Richard Silverman slade@shore.net
- Previous message: Doctor Zen: "Re: chkrootkit reporting sshd vulnerable?"
- In reply to: Doctor Zen: "Re: chkrootkit reporting sshd vulnerable?"
- Next in thread: Doctor Zen: "Re: chkrootkit reporting sshd vulnerable?"
- Next in thread: Henri Karrenbeld: "Re: chkrootkit reporting sshd vulnerable?"
- Reply: Doctor Zen: "Re: chkrootkit reporting sshd vulnerable?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
