Full Disclosure mailing list archives
Re: SNMP Broadcasts
From: "J.A. Terranson" <measl () mfn org>
Date: Fri, 16 Jul 2004 15:06:53 -0500 (CDT)
On Fri, 16 Jul 2004, Barry Fitzgerald wrote:
J.A. Terranson wrote:Oh, I get it. So if root executes "sshd -p 45522" --this is not *technically* ssh, right?If sshd is running on 45522 it's a back door Marty :-) And no, in this case, pedantic or not, it's not "ssh" as is commonly accepted.
I disagree. It may not be completely standard compliant (in so far as the standard assigns a common usage port), but it sure as hell is the SSH protocol.
Agreed. It is the SSH protocol, but it is not the SSH *service*. It violates the standard (as you note). If I write a trojan that uses HTTP to process requests, then park it on 31337, I do not have an HTTP serv(er|ice). I have a trojan which happens to use the HTTP protocol.
When you say "that's running on this port, but it's not SSH" you're not sending the message to people that it's not SSH because it has to be compliant, you're sending the message to people that it's *not the SSH protocol at all*...
No, not at all. There's a big difference between a *standardized service* and it's underlying protocols. In order to be SSH, it must comply with all of the standards for SSH. Otherwise, you get a M$ Windows product.
I think the fact that you're being pedantic with this issue confuses the point
I understood that risk during the first post, and deliberately made note of that.
and is, pretty much, worthless. No one, frankly, gives a sh*t if you consider it to not be SSH because it's not on the port that makes you happy
As a non member of the appropriate standards bodies, what I would like is irrelevant. If you assess a site, and report that they have ssh running on port 31337, you are not providing factual data - you are providing an uninformed opinon, which is *wrong*.
Saying what you said above is counterproductive and will only serve to confuse people. Perhaps you should wratchet up your pedantic nature and instead of saying that it's "not SSH because it's on the wrong port" say "it's non-compliant SSH because it's on the wrong port".
Except for you, I think everyone else *got* the point.
Otherwise it's a case of the pot calling the kettle black. -Barry p.s. This is the end of that issue as far as I'm concerned. If you continue to claim that it's "not the SSH protocol", you're just being difficult.
Then I'm being difficult. But in the end, this is my attempt to realign your thinking on it. That you are immobile is not something I can help. -- Yours, J.A. Terranson sysadmin () mfn org 0xBD4A95BF "...justice is a duty towards those whom you love and those whom you do not. And people's rights will not be harmed if the opponent speaks out about them." Osama Bin Laden - - - "There aught to be limits to freedom!" George Bush - - - Which one scares you more? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- SNMP Broadcasts BillyBob (Jul 13)
- Re: SNMP Broadcasts J.A. Terranson (Jul 13)
- Message not available
- Message not available
- Re: SNMP Broadcasts Mohit Muthanna (Jul 14)
- Message not available
- Re: SNMP Broadcasts J.A. Terranson (Jul 13)
- Re: SNMP Broadcasts Mohit Muthanna (Jul 14)
- <Possible follow-ups>
- Re: SNMP Broadcasts Martin Wasson (Jul 15)
- Re: SNMP Broadcasts J.A. Terranson (Jul 15)
- Re: SNMP Broadcasts tshilson (Jul 15)
- Re: SNMP Broadcasts Barry Fitzgerald (Jul 16)
- Re: SNMP Broadcasts J.A. Terranson (Jul 16)
- Re: SNMP Broadcasts Barry Fitzgerald (Jul 16)
- Re: SNMP Broadcasts J.A. Terranson (Jul 16)
- Re: SNMP Broadcasts Barry Fitzgerald (Jul 19)
- RE: SNMP Broadcasts Yaakov Yehudi (Jul 19)
- Re: SNMP Broadcasts J.A. Terranson (Jul 15)
- Re: SNMP Broadcasts Mohit Muthanna (Jul 16)
- Re: SNMP Broadcasts tshilson (Jul 16)