[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Automated ssh scanning

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Automated ssh scanning
From: Tig <tigger@xxxxxxxxxxxxxxxxx>
Date: Fri, 27 Aug 2004 00:28:24 +1000

On Thu, 26 Aug 2004 09:08:15 -0500 (CDT)
Ron DuFresne <dufresne@xxxxxxxxxxxxx> wrote:

> 
> 
> the real thing this user most likely suffered from was the weak
> account passwd double, guest:guest.  Now, if the admin and other
> account were setup with strong passwd's and this account was either
> setup with a strong passwd or not setup at all might be a better test
> of the stability of ssh and the debain setup in question.
> 
> Thanks,
> 
> Ron DuFresne
> 

I think some people are not really reading or understanding what is
going on. The box was a default install with one or two weak passwords
for _user_ accounts and a _strong_ password for the root.

Withing a short while, the root account was compromised, after the weak
user account was broken. I suggest people re-read what Richard Verwayen
has been saying (in German English, but still very readable :])

Basically, if you have a weak password on a user account, your
root account on a Debain box is screwed, other *nix distros maybe as
well.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] Automated ssh scanning
  - From: Tig
- Re: [Full-Disclosure] Automated ssh scanning
  - From: Ron DuFresne

Prev by Date: RE: !SPAM! [Full-Disclosure] Automated ssh scanning
Next by Date: Re: !SPAM! [Full-Disclosure] Automated ssh scanning
Previous by thread: Re: [Full-Disclosure] Automated ssh scanning
Next by thread: Re: [Full-Disclosure] Automated ssh scanning
Index(es):
- Date
- Thread