browsing may come as a surprise.
You can find the blog entry at
http://www.spybye.org/
and source code for download at
http://www.monkey.org/~provos/spybye/
Let me know if you have any feedback.
Regards,
Niels Provos.
e/
If you like Systrace, install Marius Eriksen's excellent kernel
patches for Linux:
http://www.citi.umich.edu/u/provos/systrace/linux.html
Regards,
Niels Provos.
Honeyd Security Advisory 2006-001
=
Topic: Remote Detection Via Multiple Probe Packets
Version: All versions prior to Honeyd 1.5
Severity: Identification of Honeyd installations allows an
adversary to launch attacks specifically against
Hon
certificate.
Furthermore, the top ten entries receive a copy of Lance Spitzner's
new book "Honeypots: Tracking Hackers," signed by Lance and me. Judges
include:
- Mike Clark
- Job de Haas
- Niels Provos
- Rain Forest Puppy
- Lance Spitzner
The challenge officially begins on Monday the 1
OpenSSH Security Advisory (adv.trojan)
1. Systems affected:
OpenSSH version 3.2.2p1, 3.4p1 and 3.4 have been trojaned on the
OpenBSD ftp server and potentially propagated via the normal mirroring
process to other ftp servers. The code was inserted some time between
the 30th and 31st of July. W
o the base system. It has recently been
integrated into NetBSD, as well.
You can find more information at
http://www.citi.umich.edu/u/provos/systrace/
Regards,
Niels Provos.
A buffer overflow exists in OpenSSH's sshd if sshd has been compiled
with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing
has been enabled in the sshd_config file. Ticket and token passing
is not enabled by default.
1. Systems affected:
All Versions of OpenSSH compiled wi
, for example, the output
can be piped through
"|grep -i ssh |grep -v "OpenSSH_2.3.[02]"
to find ssh protocol servers that need to be upgraded.
Regards,
Niels Provos.
Please, check http://www.openssh.com/security.html for a full summary of
security related issues in OpenSSH.
OpenBSD Security Advisory
February 8, 2001
In message <073f01c09136$ddc04240$2e58a8c0@ffornicario>, Iván Arce writes:
> OpenSSH
> The vulnerability is present in OpenSSH up to version 2.3.0,
> although it is not possible to exploit it due to limits imposed
> on the number of simultaneous connections the server is al
>PMTU discovery is used by TCP (primarily if not exclusively). Isn't it
>possible to 1. check TCP sequence numbers in ICMP frag. needed messages
>generated as a response to a TCP datagram (in the same way they should be
>checked on any ICMP dest. unreachable to prevent a trivial DoS),
>2. disregar
Hi Robert,
This thread was about how default configurations can have negative
impact on security. You mention the CheckHostIP option in OpenSSH.
CheckHostIP defaults to 'yes'. It introduces only additional checks
and has no influence on permitting an SSH session to proceed. Thus it
has no negat
In message <[EMAIL PROTECTED]>, Gerardo Richarte writes:
> To make this clear: in combination with the buffer overflow in rsaglue.c
> this makes possible to get a remote shell on a machine running sshd AND
> it also makes possible to use a reverse exploit to gain access on
> clients' machine