[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: !SPAM! [Full-Disclosure] Automated ssh scanning
- To: full-disclosure@xxxxxxxxxxxxxxxx
- Subject: Re: !SPAM! [Full-Disclosure] Automated ssh scanning
- From: Jan Luehr <jluehr@xxxxxxx>
- Date: Thu, 26 Aug 2004 21:50:15 +0200
Greetings,
Am Donnerstag, 26. August 2004 19:44 schrieb Richard Verwayen:
> On Thu, 2004-08-26 at 18:36, Tremaine wrote:
> > On Thu, 26 Aug 2004 09:43:13 -0500 (CDT), Ron DuFresne
> >
> > <dufresne@xxxxxxxxxxxxx> wrote:
> > > On Thu, 26 Aug 2004, Richard Verwayen wrote:
> > > > On Thu, 2004-08-26 at 15:12, Todd Towles wrote:
> > > > > The kernel could be save. But with weak passwords, you are toast.
> > > > > Any automated tool would test guest/guest.
> > > >
> > > > Hello Todd!
> > > >
> > > > You are right about the passwords, but guest is only a unprivileged
> > > > account as you may have on many prodruction machines. But they
> > > > managed to become root on this machine due to a kernel(?) exploit!
> > > > Should I then consider any woody system to be insecure to let people
> > > > work at?
> > >
> > > If your uasers are not trustable, then they should not have access to
> > > local systems of yours. Once a person has a shell, then they are 95%
> > > to root.
> > >
> > > Thanks,
> > >
> > > Ron DuFresne
> >
> > Fair point... but it would still be nice to determine precisely how
> > they are getting root access so preventative measures can be taken and
> > the hole plugged.
>
> Some more infos maybe useful:
Hail to OpenBSD or what? Are you refering to a fully patched Woody?
Keep smiling
yanosz
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html