browsing may come as a surprise.
You can find the blog entry at
http://www.spybye.org/
and source code for download at
http://www.monkey.org/~provos/spybye/
Let me know if you have any feedback.
Regards,
Niels Provos.
Systrace, install Marius Eriksen's excellent kernel
patches for Linux:
http://www.citi.umich.edu/u/provos/systrace/linux.html
Regards,
Niels Provos.
certificate.
Furthermore, the top ten entries receive a copy of Lance Spitzner's
new book Honeypots: Tracking Hackers, signed by Lance and me. Judges
include:
- Mike Clark
- Job de Haas
- Niels Provos
- Rain Forest Puppy
- Lance Spitzner
The challenge officially begins on Monday the 17th of February
OpenSSH Security Advisory (adv.trojan)
1. Systems affected:
OpenSSH version 3.2.2p1, 3.4p1 and 3.4 have been trojaned on the
OpenBSD ftp server and potentially propagated via the normal mirroring
process to other ftp servers. The code was inserted some time between
the 30th and 31th of July.
A buffer overflow exists in OpenSSH's sshd if sshd has been compiled
with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing
has been enabled in the sshd_config file. Ticket and token passing
is not enabled by default.
1. Systems affected:
All Versions of OpenSSH compiled
frequently. After scanning, for example, the output
can be piped through
"|grep -i ssh |grep -v "OpenSSH_2.3.[02]"
to find ssh protocol servers that need to be upgraded.
Regards,
Niels Provos.
In message 073f01c09136$ddc04240$2e58a8c0@ffornicario, =?iso-8859-1?Q?Iv=E1n_
Arce?= writes:
OpenSSH
The vulnerability is present in OpenSSH up to version 2.3.0,
although it is not possible to exploit it due to limits imposed
on the number of simultaneous connections the server is allowed
Please, check http://www.openssh.com/security.html for a full summary of
security related issues in OpenSSH.
OpenBSD Security Advisory
February 8, 2001
PMTU discovery is used by TCP (primarily if not exclusively). Isn't it
possible to 1. check TCP sequence numbers in ICMP frag. needed messages
generated as a response to a TCP datagram (in the same way they should be
checked on any ICMP dest. unreachable to prevent a trivial DoS),
2. disregard
Hi Robert,
This thread was about how default configurations can have negative
impact on security. You mention the CheckHostIP option in OpenSSH.
CheckHostIP defaults to 'yes'. It introduces only additional checks
and has not influence on permitting an SSH session to proceed. Thus it
has no
In message [EMAIL PROTECTED], Gerardo Richarte writes:
To make this clear: in combination with the buffer overflow in rsaglue.
c this makes possible to get
a remote shell on a machine running sshd AND it also makes possible to use a r
everse exploit to gain access on
clients' machines,
11 matches
Mail list logo