[Touch-packages] [Bug 2024540] Re: Vulnerability Can Gain Access even with Time OTP Enabled
There is an entry called SYSV. It there some problem in it. ** Attachment added: "Screenshot_20230627_163157_Remmina.png" https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2024540/+attachment/5682254/+files/Screenshot_20230627_163157_Remmina.png -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/2024540 Title: Vulnerability Can Gain Access Status in openssh package in Ubuntu: Incomplete Bug description: Hi, We have noticed that when allowing firewall rule to open SSH port 22 of my computer, somebody in the local network gets access to the system, to prevent it we had added two factor authentication by adding Time based OTP using google authenticator and root login is disabled in configuration, our network have windows systems which are compromised they are infecting this system and installing XOR DDOS Malware in my system, the rkhunter log shows variation in lot of system binary files, The XOR DDOS is overwriting lot of files before installing itself in the system, i think there is some critical bug in ssh system, we thought they are bruteforcing ssh password, but even after putting time based two factor authentication they are able to infiltrate the system and gain access. The ubuntu we are using is 22.04 LTS Jammy. Our systems are constantly attacked by XOR DDOS Rootkit. We had even rate limited the ssh even then they gets access added OTP verification also. we think there is some severe security issue with ssh. More Details About XOR DDOS Here https://www.microsoft.com/en-us/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/ Also there is no option to attach multiple files here. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2024540/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2024540] Re: Vulnerability Can Gain Access even with Time OTP Enabled
What exactly is suspicious about remmina using shared memory? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/2024540 Title: Vulnerability Can Gain Access even with Time OTP Enabled Status in openssh package in Ubuntu: Incomplete Bug description: Hi, We have noticed that when allowing firewall rule to open SSH port 22 of my computer, somebody in the local network gets access to the system, to prevent it we had added two factor authentication by adding Time based OTP using google authenticator and root login is disabled in configuration, our network have windows systems which are compromised they are infecting this system and installing XOR DDOS Malware in my system, the rkhunter log shows variation in lot of system binary files, The XOR DDOS is overwriting lot of files before installing itself in the system, i think there is some critical bug in ssh system, we thought they are bruteforcing ssh password, but even after putting time based two factor authentication they are able to infiltrate the system and gain access. The ubuntu we are using is 22.04 LTS Jammy. Our systems are constantly attacked by XOR DDOS Rootkit. We had even rate limited the ssh even then they gets access added OTP verification also. we think there is some severe security issue with ssh. More Details About XOR DDOS Here https://www.microsoft.com/en-us/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/ Also there is no option to attach multiple files here. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2024540/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2024540] Re: Vulnerability Can Gain Access even with Time OTP Enabled
I am posting current scan report of rkhunter after connecting with windows computer using remmina, since i have added Time based OTP, may be i am saved from installation of XOR DDOS malware this time. ** Attachment added: "rkhunter.log" https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2024540/+attachment/5681584/+files/rkhunter.log -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/2024540 Title: Vulnerability Can Gain Access even with Time OTP Enabled Status in openssh package in Ubuntu: Incomplete Bug description: Hi, We have noticed that when allowing firewall rule to open SSH port 22 of my computer, somebody in the local network gets access to the system, to prevent it we had added two factor authentication by adding Time based OTP using google authenticator and root login is disabled in configuration, our network have windows systems which are compromised they are infecting this system and installing XOR DDOS Malware in my system, the rkhunter log shows variation in lot of system binary files, The XOR DDOS is overwriting lot of files before installing itself in the system, i think there is some critical bug in ssh system, we thought they are bruteforcing ssh password, but even after putting time based two factor authentication they are able to infiltrate the system and gain access. The ubuntu we are using is 22.04 LTS Jammy. Our systems are constantly attacked by XOR DDOS Rootkit. We had even rate limited the ssh even then they gets access added OTP verification also. we think there is some severe security issue with ssh. More Details About XOR DDOS Here https://www.microsoft.com/en-us/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/ Also there is no option to attach multiple files here. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2024540/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2024540] Re: Vulnerability Can Gain Access even with Time OTP Enabled
I am attaching sshd_config file ** Attachment added: "sshd_config" https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2024540/+attachment/5681583/+files/sshd_config -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/2024540 Title: Vulnerability Can Gain Access even with Time OTP Enabled Status in openssh package in Ubuntu: Incomplete Bug description: Hi, We have noticed that when allowing firewall rule to open SSH port 22 of my computer, somebody in the local network gets access to the system, to prevent it we had added two factor authentication by adding Time based OTP using google authenticator and root login is disabled in configuration, our network have windows systems which are compromised they are infecting this system and installing XOR DDOS Malware in my system, the rkhunter log shows variation in lot of system binary files, The XOR DDOS is overwriting lot of files before installing itself in the system, i think there is some critical bug in ssh system, we thought they are bruteforcing ssh password, but even after putting time based two factor authentication they are able to infiltrate the system and gain access. The ubuntu we are using is 22.04 LTS Jammy. Our systems are constantly attacked by XOR DDOS Rootkit. We had even rate limited the ssh even then they gets access added OTP verification also. we think there is some severe security issue with ssh. More Details About XOR DDOS Here https://www.microsoft.com/en-us/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/ Also there is no option to attach multiple files here. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2024540/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2024540] Re: Vulnerability Can Gain Access even with Time OTP Enabled
I think when i reinstalled the system i lost the logs, and this post is panic driven, i should have analysed my system without reinstalling so i can find out wheather it is related to openssh or remmina, i am connecting to a windows system using remmina, may be due to that my system is getting infected. Anyway I am posting sshd and sshd_config files here. ** Attachment added: "sshd" https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2024540/+attachment/5681582/+files/sshd -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/2024540 Title: Vulnerability Can Gain Access even with Time OTP Enabled Status in openssh package in Ubuntu: Incomplete Bug description: Hi, We have noticed that when allowing firewall rule to open SSH port 22 of my computer, somebody in the local network gets access to the system, to prevent it we had added two factor authentication by adding Time based OTP using google authenticator and root login is disabled in configuration, our network have windows systems which are compromised they are infecting this system and installing XOR DDOS Malware in my system, the rkhunter log shows variation in lot of system binary files, The XOR DDOS is overwriting lot of files before installing itself in the system, i think there is some critical bug in ssh system, we thought they are bruteforcing ssh password, but even after putting time based two factor authentication they are able to infiltrate the system and gain access. The ubuntu we are using is 22.04 LTS Jammy. Our systems are constantly attacked by XOR DDOS Rootkit. We had even rate limited the ssh even then they gets access added OTP verification also. we think there is some severe security issue with ssh. More Details About XOR DDOS Here https://www.microsoft.com/en-us/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/ Also there is no option to attach multiple files here. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2024540/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2024540] Re: Vulnerability Can Gain Access even with Time OTP Enabled
** Changed in: openssh (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/2024540 Title: Vulnerability Can Gain Access even with Time OTP Enabled Status in openssh package in Ubuntu: Incomplete Bug description: Hi, We have noticed that when allowing firewall rule to open SSH port 22 of my computer, somebody in the local network gets access to the system, to prevent it we had added two factor authentication by adding Time based OTP using google authenticator and root login is disabled in configuration, our network have windows systems which are compromised they are infecting this system and installing XOR DDOS Malware in my system, the rkhunter log shows variation in lot of system binary files, The XOR DDOS is overwriting lot of files before installing itself in the system, i think there is some critical bug in ssh system, we thought they are bruteforcing ssh password, but even after putting time based two factor authentication they are able to infiltrate the system and gain access. The ubuntu we are using is 22.04 LTS Jammy. Our systems are constantly attacked by XOR DDOS Rootkit. We had even rate limited the ssh even then they gets access added OTP verification also. we think there is some severe security issue with ssh. More Details About XOR DDOS Here https://www.microsoft.com/en-us/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/ Also there is no option to attach multiple files here. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2024540/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2024540] Re: Vulnerability Can Gain Access even with Time OTP Enabled
** Summary changed: - SSH Vulnerability Can Gain Access even with Time OTP Enabled + Vulnerability Can Gain Access even with Time OTP Enabled -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/2024540 Title: Vulnerability Can Gain Access even with Time OTP Enabled Status in openssh package in Ubuntu: New Bug description: Hi, We have noticed that when allowing firewall rule to open SSH port 22 of my computer, somebody in the local network gets access to the system, to prevent it we had added two factor authentication by adding Time based OTP using google authenticator and root login is disabled in configuration, our network have windows systems which are compromised they are infecting this system and installing XOR DDOS Malware in my system, the rkhunter log shows variation in lot of system binary files, The XOR DDOS is overwriting lot of files before installing itself in the system, i think there is some critical bug in ssh system, we thought they are bruteforcing ssh password, but even after putting time based two factor authentication they are able to infiltrate the system and gain access. The ubuntu we are using is 22.04 LTS Jammy. Our systems are constantly attacked by XOR DDOS Rootkit. We had even rate limited the ssh even then they gets access added OTP verification also. we think there is some severe security issue with ssh. More Details About XOR DDOS Here https://www.microsoft.com/en-us/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/ Also there is no option to attach multiple files here. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/2024540/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
