Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-security@g.o
From: "W.Kenworthy" <billk@...>
Subject: Re: If your interested
Date: Mon, 10 Oct 2005 13:12:26 +0800
defence in depth: They know that a system running ssh resides at this
address so they can move onto probing for other weaknesses, you have
already identified them as probing for a known vulnerability - so why
take a chance that the next probe they do will hit on an unpatched,
unknown hole?  And as far as ssh goes, if they can try one password,
they can try more and may get "lucky".

They have been identified, dont let them keep on trying each door handle
or window looking for any left unlocked.  

Lastly, are you absolutely, without qualification sure that you, or
another user has not (even accidentally) run an app that is leaving the
system vulnerable, that all passwords are 100% secure and unguessable,
or that you have patched all known or *unknown* holes ...

I thought not!

BillK

On Mon, 2005-10-10 at 12:55 +0800, Taka John Brunkhorst wrote:
> nice but why do we need to block them?
> ssh worms? or just lamers?
> 
> -- 
> antiwmac@...
> Taka John Brunkhorst
-- 
gentoo-security@g.o mailing list


References:
If your interested
-- Brian Micek
Re: If your interested
-- RADDS Support Team
Re: If your interested
-- Craig
Re: If your interested
-- Brian Micek
Re: If your interested
-- Taka John Brunkhorst
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: If your interested
Next by thread:
Re: If your interested
Previous by date:
Re: If your interested
Next by date:
Re: If your interested


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.