Security Incidents mailing list archives
Re: Attacks against SSH?
From: Andreas Wiesmann <laj () swordlord com>
Date: Mon, 3 Dec 2001 19:48:56 +0100
The server is running Red Hat 7.0. With all packages up to date. The following daemons are running: wu-ftpd, apache, telnet, openssh, named I never access the system via telnet, it is there just for backup purpose.
I guess its the wu-ftpd exploit that lead to root access not ssh, probably they checked several exploits until one worked.
laj -- Andreas Wiesmann, Beaumontweg 38, 3007 Bern P 031 372 12 22, G 031 951 70 05, Fax 031 951 70 08 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service.For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Re: Attacks against SSH?, (continued)
- Re: Attacks against SSH? Przemyslaw Frasunek (Dec 05)
- Re: Attacks against SSH? Jason Robertson (Dec 04)
- Re: Attacks against SSH? f.johan.beisser (Dec 04)
- SSH1 CRC32 Compensation Attacks Armando B. Ortiz (Dec 10)
- Re: SSH1 CRC32 Compensation Attacks Andreas Östling (Dec 10)
- Re: SSH1 CRC32 Compensation Attacks Armando Ortiz (Dec 10)
- Re: Attacks against SSH? Florian Weimer (Dec 04)
- Re: Attacks against SSH? Steven S (Dec 03)
- Re: Attacks against SSH? Adam Manock (Dec 04)
- Message not available
- Message not available
- Re: Attacks against SSH? johan . augustsson (Dec 06)
- Re: Attacks against SSH? David Chin (Dec 05)
- Re: Attacks against SSH? Skip Carter (Dec 05)
- Re: Attacks against SSH? Skip Carter (Dec 06)