| 1 |
Alex Efros wrote: |
| 2 |
> Hi! |
| 3 |
> |
| 4 |
> On Fri, Jul 30, 2004 at 12:44:29AM +0200, Marc Ballarin wrote: |
| 5 |
> |
| 6 |
>>>i take that back, ss is a scanner |
| 7 |
>> |
| 8 |
>>Yes. It's the "Fast Syn Scanner" by "Doctor BIOS". |
| 9 |
> |
| 10 |
> So, correct me if I'm wrong, looks like this "worm" isn't danger at all for |
| 11 |
> servers with last openssh-3.8_p1 and without stupid test:test admin:admin |
| 12 |
> accounts? And there is no real need to disable 'password' auth in sshd_config? |
| 13 |
|
| 14 |
I can understand a MCSE (meaning someone who's only admin training is a MCSE |
| 15 |
prep course) creating those dumb accounts on a Windows box, but why would any |
| 16 |
Linux/UNIX admin ever open their box up like that? They might as well just bend |
| 17 |
over and pull down their pants ;) |
| 18 |
|
| 19 |
-- |
| 20 |
Andrew Gaffney |
| 21 |
Network Administrator |
| 22 |
Skyline Aeronautics, LLC. |
| 23 |
636-357-1548 |
| 24 |
|
| 25 |
|
| 26 |
-- |
| 27 |
gentoo-security@g.o mailing list |
Archives