Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Automated ssh scanning

From: Richard Verwayen <holle () ackw de>
Date: Thu, 26 Aug 2004 09:15:02 +0200
On Thu, 2004-08-26 at 03:26, Henrik Persson wrote:

On Thu, 2004-08-26 at 00:32, Richard Verwayen wrote:

Hello list!

A few weeks ago there was a discussion about automated ssh scanning with
user/password combinations like guest/guest or admin/admin.
I set up a debian woody fully patched with both accounts activated, and
got rooted some days later...

*snip*

Uhm. How do you mean, "fully patched"? What kernel were you running?

Hello Henrik

I am relying on the debian software distribution system, so it was there
latest stable kernel-source for woody. So it was the latest debianised
2.4.19. Shouldn't I believe it secured against these exploits?

Richard

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: