Re: sshd - Setting your ports at 2222 or another port above …

Top Page
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Lisa Kachold
Date:  
To: Main PLUG discussion list
Subject: Re: sshd - Setting your ports at 2222 or another port above 1024
Sorry,

Actually the first link (on securitytube) shows how to get a shell.

The correct second link shows how to gain root from a shell account from a
(modern OS) kernel exploit (on 64bit OS [which many cloud and internet
servers now run]):

http://www.pcworld.com/businesscenter/article/205867/linux_kernel_exploit_gives_hackers_a_back_door.html

http://seclists.org/fulldisclosure/2010/Dec/85

Or if you run older kernels:

http://it.slashdot.org/story/08/02/10/2011257/Linux-Kernel-26-Local-Root-Exploit

And if you want the videos:

http://www.google.com/search?q=linux+kernel+exploits+video&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a

On Sat, Mar 19, 2011 at 11:32 PM, James Mcphee <> wrote:

> The video I got instead of sshd brute forcing was for data in an
> imagefile. When I searched the site, I could only find a couple vids for
> various password brute forcers. Was this something besides that?
> On Mar 19, 2011 7:16 AM, "Lisa Kachold" <> wrote:
> > Brute forcing sshd, gaining a non-privileged user shell on any sshd
> > configured above 1024:
> > http://www.securitytube.net/video/1641
> >
> > Once we have a nice user shell, we can gain root:
> > Here's the most recent linux kernel exploit:
> > http://securitytube.net/video/1642
> >
> > Disclaimer: All exploit education is intended for lab demonstration for
> the
> > purposes of education. We do not recommend you try this at home.
> >
> > WE DO RECOMMEND that all Linux Administrators out there TURN OFF SSHD or
> SSH
> > Servers and ONLY use VPN's.
> > --
> > (503) 754-4452 iPhone
> > (623) 239-3392 Skype
> > (623) 688-3392 Google Voice
> >
> > http://www.obnosis.com
> >
> > Senior Systems Administrator
> > IncentiveLogic,com
> >
> > *Catch My IP CAM Surveillance
> > Presentation @ ABLEConf.com in April!*
>
> ---------------------------------------------------
> PLUG-discuss mailing list -
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
>




--
(503) 754-4452 iPhone
(623) 239-3392 Skype
(623) 688-3392 Google Voice

http://www.obnosis.com

Senior Systems Administrator
IncentiveLogic,com

*Catch My IP CAM Surveillance
Presentation @ ABLEConf.com in April!*
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss