[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Someone hacking into our system.

From: "John D. Hardin" <jhardin wolfenet com>
To: redhat list <redhat-list redhat com>
Subject: Re: Someone hacking into our system.
Date: Sat, 1 Jan 2000 19:34:30 -0800 (PST)

On Sat, 1 Jan 2000, Todd A. Jacobs wrote:

> Next, upgrade your version of SSH to one that isn't vulnerable to buffer
> overflows, change your passwords, and make sure that SSH is compiled to
> run from inetd. It's much slower that way, but by limiting SSH sessions to
> systems defined only in your hosts.allow file will add a further layer of
> protection for you.

Suggestion: apply Solar Designer's stack-no-exec patch, and recompile
your SSH daemon using StackGuard from http://www.immunix.org/

--
 John Hardin KA7OHZ   ICQ#15735746   http://www.wolfenet.com/~jhardin/
 jhardin wolfenet com      pgpk -a finger://gonzo.wolfenet.com/jhardin
  768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76 
 1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  Failure to plan ahead on someone else's part does not constitute an
  emergency on my part.
                                  - David W. Barts in a.s.r
                                    <davidb ce washington edu>
-----------------------------------------------------------------------
   Today: the Y2K apocalypse - keep gold & ammo handy!

References:
- Re: Someone hacking into our system.
  - From: Todd A. Jacobs

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]