Re: !SPAM! Automated ssh scanning

[Jan Luehr <jluehr () gmx net>]

Greetings,

Am Donnerstag, 26. August 2004 19:44 schrieb Richard Verwayen:
> On Thu, 2004-08-26 at 18:36, Tremaine wrote:
> > On Thu, 26 Aug 2004 09:43:13 -0500 (CDT), Ron DuFresne
> >
> > <dufresne () winternet com> wrote:
> > > On Thu, 26 Aug 2004, Richard Verwayen wrote:
> > > > On Thu, 2004-08-26 at 15:12, Todd Towles wrote:
> > > > >  The kernel could be save. But with weak passwords, you are toast.
> > > > > Any automated tool would test guest/guest.
> > > >
> > > > Hello Todd!
> > > >
> > > > You are right about the passwords, but guest is only a unprivileged
> > > > account as you may have on many prodruction machines. But they
> > > > managed to become root on this machine due to a kernel(?) exploit!
> > > > Should I then consider any woody system to be insecure to let people
> > > > work at?
> > >
> > > If your uasers are not trustable, then they should not have access to
> > > local systems of yours.  Once a person has a shell, then they are 95%
> > > to root.
> > >
> > > Thanks,
> > >
> > > Ron DuFresne
> >
> > Fair point... but it would still be nice to determine precisely how
> > they are getting root access so preventative measures can be taken and
> > the hole plugged.
>
> Some more infos maybe useful:

Hail to OpenBSD or what? Are you refering to a fully patched Woody?

Keep smiling
yanosz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html