SSH issues...
KevinO
plug-discuss@lists.PLUG.phoenix.az.us
Tue, 04 Dec 2001 20:39:22 -0700
What are the contents of :
$HOME/.ssh/config
/etc/ssh/ssh_config
?
Thomas Mondoshawan Tate wrote:
>
> On Tue, Dec 04, 2001 at 06:43:24PM -0800, Lowell Hamilton wrote:
> > That has the signature of an exploited machine. I have seen several of
> > these with the same issues. When people exploit the CRC-32 ssh hole,
> > the rootkits disable ssh to keep others from using the same exploit,
> > and it has the affect of locking legit users out as well. I'm not
> > saying it's guaranteed to be it, but it is possible. If you used any
> > redhat distribution or several others they come default with an old
> > (pre v2.9) OpenSSH which is vulnerable.
> >
> > Lowell
>
> I built this machine from the ground up from source copies of the latest
> distributions of each package. I'm running OpenSSH_3.0p1, with protocols
> 1.5/2.0. The system was just recently installed to the outside world a few
> seconds ago, so it's not possible for it to be rooted this early. =op
>
> --
> Thomas "Mondoshawan" Tate
> phoenix@psy.ed.asu.edu
> http://tank.dyndns.org
>
> ------------------------------------------------------------------------
> Part 1.2Type: application/pgp-signature
--
Kevin O'Connor
"People will be free to devote themselves to activities that are fun
...
The GNU Manifesto - Copyright (C) 1985, 1993 Free Software Foundation,
Inc.