[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Automated ssh scanning

To: FD <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Automated ssh scanning
From: David Vincent <support@xxxxxxxxxxxxxxxx>
Date: Wed, 25 Aug 2004 18:11:57 -0700

Richard Verwayen wrote:

Hello list!
A few weeks ago there was a discussion about automated ssh scanning with
user/password combinations like guest/guest or admin/admin.
I set up a debian woody fully patched with both accounts activated, and
got rooted some days later...
The attackers installed some software and irc-bots and tried to use this host for testing other computers, thats not the point. I would like to know where's the weak point in the system? As the system was updates on a daily base! The only known weakness were these two accounts!

you didn't set up admin/admin as root did you?

just asking.

-d

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Automated ssh scanning
  - From: Richard Verwayen

References:
- [Full-Disclosure] Automated ssh scanning
  - From: Richard Verwayen

Prev by Date: Re: [Full-Disclosure] Automated ssh scanning
Next by Date: Re: [Full-Disclosure] Automated ssh scanning
Previous by thread: Re: [Full-Disclosure] Automated ssh scanning
Next by thread: Re: [Full-Disclosure] Automated ssh scanning
Index(es):
- Date
- Thread