  1. #1
    Join Date
    Dec 2000
    Location
    Israel
    Posts
    60

    Going to get Hacked again, new issue with OpenSSH

    According to:
    http://www.pine.nl/advisories/pine-cert-20020301.txt

    There may be another root exploit involving SSH.

    Are we vulnerable? How do we fix it?
    Inmatrix LTD . Chief Technology Officer

  2. #2
    Join Date
    Jun 2001
    Posts
    46
    Looks like bad news. Has anybody tried that patch?


    While we're on the subject of security, might want to check this out:

    http://packetstorm.linuxsecurity.com...alt-RAQ-v4.txt

  3. #3
    The good news (if I understood it correctly) is that it *only* allows local users to gain root. So if you don't give your customers shell access you should be safe I guess.

    Might be a good idea anyway to update OpenSSH, they released a new version today => http://www.openssh.com
    Hi! I'm a signature virus! Copy me into your ~/.signature to help me spread!

  4. #4
    Join Date
    Jan 2001
    Location
    Berlin, Germany
    Posts
    73

    pkg version?

    Is there a pkg version available? I couldn't find it on their site.

  5. #5
    Join Date
    Dec 2000
    Posts
    610

    Re: Going to get Hacked again, new issue with OpenSSH

    Originally posted by Blight
    According to:
    http://www.pine.nl/advisories/pine-cert-20020301.txt

    Are we vulnerable? How do we fix it?
    New package available at http://pkgmaster.com/packages/raq/3/#openssh

    Mike

  6. #6
    Join Date
    Jun 2001
    Posts
    46

    Question

    Has anybody installed pkg's from this source (http://pkgmaster.com) before? I read somewhere about a new non-cobalt php pkg that was sending info back to the person who made the pkg. Can this source be trusted?

  7. #7
    pkgmaster.com is operated by the same guys who operated http://pkg.nl.cobalt.com (which had to be closed for some reason).
    So I guess you can trust them.
    Hi! I'm a signature virus! Copy me into your ~/.signature to help me spread!

  8. #8
    Join Date
    Jan 2001
    Location
    Berlin, Germany
    Posts
    73
    I've installed this package right now. Seems to be no problem so far. I've always trusted the guys who operated http://pkg.nl.cobalt.com. Their packages always worked like a charm.

  9. #9
    Join Date
    Dec 2000
    Location
    Israel
    Posts
    60
    This package exposes previous possible vulnerabilities, here's how to make it a bit more secure:


    Code:
    login. su to root. type:
    pico -w /etc/ssh/sshd_config
    
    at the top of the file, change:
    Port 22
    to:
    Port xxxx
    (but choose an actual number in place of the small x characters)
    
    Also change:
    Protocol 2,1
    to:
    Protocol 2
    
    exit out of pico (control+x). Yes to save.
    
    type:
    /etc/rc.d/init.d/sshd restart
    Inmatrix LTD . Chief Technology Officer

  10. #10
    Join Date
    Jan 2001
    Location
    the Netherlands
    Posts
    542
    Don't forget to remove the # in front of the line you change.

  11. #11
    Join Date
    Dec 2000
    Location
    Israel
    Posts
    60
    Actually, I didn't remove the "#" and it still worked...
    Inmatrix LTD . Chief Technology Officer

  12. #12
    If you don't activate the setting by uncommenting that line OpenSSH will by default try both protocol 2 and 1.
    affiliated w/ datapipe. I might step in where I feel necessary.. otherwise. will just be an observer. don't ask for internal info.. you're not getting it.

    All opinions expressed are my own. Datapipe is in no way bound by my opinions.
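
As an added example (not from any poster in this thread), the shell functions below report the Port and Protocol values that are actually active in an sshd_config, treating #-commented lines as inactive, which is the case posts #10 and #12 describe. The fallback defaults (Port 22, Protocol 2,1) are taken from this thread; the function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example: show which settings sshd would really use from a config file.
# Assumed defaults, as stated in this thread: Port 22, Protocol 2,1.

# effective_setting FILE KEYWORD DEFAULT
# Prints the first uncommented value for KEYWORD, or DEFAULT if none is active.
effective_setting() {
    awk -v key="$2" -v def="$3" '
        /^[ \t]*#/ { next }                 # commented line: setting not active
        tolower($1) == tolower(key) {       # keywords are case-insensitive
            print $2; found = 1; exit       # sshd uses the first value it reads
        }
        END { if (!found) print def }       # nothing active: default applies
    ' "$1"
}

# audit_sshd_config FILE
# Prints the effective values; returns 1 if protocol 1 is still enabled.
audit_sshd_config() {
    proto=$(effective_setting "$1" Protocol "2,1")
    port=$(effective_setting "$1" Port 22)
    echo "Port=$port Protocol=$proto"
    case ",$proto," in
        *,1,*) echo "WARNING: protocol 1 is still enabled"; return 1 ;;
    esac
    return 0
}

# Constructed sample: the lines were edited but the leading # was left in place.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#Port 2222
#Protocol 2
EOF
audit_sshd_config "$sample" || true
rm -f "$sample"
```

Run `audit_sshd_config /etc/ssh/sshd_config` after editing and before restarting sshd to confirm the change took effect.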

  13. #13
    Join Date
    Mar 2001
    Location
    Connecticut, US
    Posts
    779
    Originally posted by jucebro
    Has anybody installed pkg's from this source (http://pkgmaster.com) before? I read somewhere about a new non-cobalt php pkg that was sending info back to the person who made the pkg. Can this source be trusted?
    pkgmaster is Taco, previously known as the pkg.nl.cobalt.com site. Taco provides excellent support for his packages on the cobalt-users mailing list.

    I can't tell you to trust him or not, but I know that I trust him. I installed his ssh package this afternoon.
