
Re: [cobalt-users] installing ssh on raq2



> I >have< it installed, but have experienced no problems as of yet
> (except for catching port-scanners who get booted, but that's the
> point...), so I'd like to know how it could be exploited.  I assume
> the attackers would have to somehow figure out that portsentry is
> running in the first place also..

Yes, but figuring that out is quite easy (just test it).

The main types of exploits are:

  1. Getting PortSentry to ban users that should be allowed to the
server (by spoofing ip-packages to weird ports).

  2. Use the same technique to fill your logfiles.


--
Jens Kristian Søgaard, Mermaid Consulting I/S,
jens@xxxxxxxxxxxxxxxxxxxx