lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: holle at ackw.de (Richard Verwayen)
Subject: !SPAM! Automated ssh scanning

On Thu, 2004-08-26 at 21:01, Tremaine wrote:
/snip 
> > 
> > The issue here is why does debain include such a weak account,m thaqt has
> > not been tamed via a very restricted chroot env!?
> 
> That's not the issue though.  As someone who has installed and
> maintained debian systems over a period of years, I can assure you
> that debian does not include a guest account (or any account) with a
> weak password or shell.
> 
> There aren't any shell accounts other than root on a debian install
> until added by the administrator.
> 
> The weak account in question here was created by the original poster
> with the intent of catching one of these apparently automated ssh
> attacks.
That's correct! 


/snip
> 
> As for the defaults on the original posters install... that would of
> course depend entirely on what install method he chose.  Like many
> current distros (Mandrake, Redhat etc) Debian offers a packaged
> install of a couple varieties (desktop, server, workstation etc) for
> an admin to pick from, or they can choose to run dselect (package
> management interface) and choose by hand what they do and do not want.
> 
> This of course again comes back to not knowing what the initial poster
> did with the system beyond running dselect -> update -> install  which
> would have autohandled updates and dependency resolution for installed
> packages.
I installed it without using dselect/tasksel. 
I installed only those apps to compile the new kernel (needed to get
freeswan up and running to access this box as it is located elsewhere)
and left them on the box.

Then I updated this machine at least once a week with 
apt-get update && apt-get dist-upgrade

You may want have a look at the installed packages in the list attached
-------------- next part --------------
ii  adduser        3.47           Add and remove users and groups
ii  apt            0.5.4          Advanced front-end for dpkg
ii  apt-utils      0.5.4          APT utility programs
ii  at             3.1.8-11       Delayed job execution and batch processing
ii  base-config    1.33.18        Debian base configuration package
ii  base-files     3.0.2          Debian base system miscellaneous files
ii  base-passwd    3.4.1          Debian Base System Password/Group Files
ii  bash           2.05a-11       The GNU Bourne Again SHell
ii  bc             1.06-8         The GNU bc arbitrary precision calculator la
ii  bin86          0.16.0-2       16-bit assembler and loader
ii  binutils       2.12.90.0.1-4  The GNU assembler, linker and binary utiliti
ii  bison          1.35-3         A parser generator that is compatible with Y
ii  bsdmainutils   5.20020211-4.9 More utilities from FreeBSD.
ii  bsdutils       2.11n-7        Basic utilities from 4.4BSD-Lite.
ii  bzip2          1.0.2-1        A high-quality block-sorting file compressor
ii  console-common 0.7.14         Basic infrastructure for text console config
ii  console-data   1999.08.29-24. Keymaps, fonts, charset maps, fallback table
ii  console-tools  0.2.3-23.3     Linux console and font utilities.
ii  console-tools- 0.2.3-23.3     Shared libraries for Linux console and font 
ii  cpio           2.4.2-39       GNU cpio -- a program to manage archives of 
ii  cpp            2.95.4-14      The GNU C preprocessor.
ii  cpp-2.95       2.95.4-11woody The GNU C preprocessor.
ii  cpp-3.0        3.0.4-7        The GNU C preprocessor.
ii  cron           3.0pl1-72      management of regular background processing
ii  dc             1.06-8         The GNU dc arbitrary precision reverse-polis
ii  debconf        1.0.32         Debian configuration management system
ii  debianutils    1.16.2woody1   Miscellaneous utilities specific to Debian.
ii  deborphan      1.0-3          Find orphaned libraries.
ii  dhcp-client    2.0pl5-11      DHCP Client
ii  dhcp3-common   3.0+3.0.1rc9-2 Common files used by all the dhcp3* packages
ii  dhcp3-server   3.0+3.0.1rc9-2 DHCP server for automatic IP address assignm
ii  dialog         0.9a-20020309a Displays user-friendly dialog boxes from she
ii  diff           2.7-29         File comparison utilities
ii  dlint          1.4.0-4        Checks dns zone information using nameserver
ii  dpkg           1.9.21         Package maintenance system for Debian
ii  dpkg-dev       1.9.21         Package building tools for Debian
ii  e2fsprogs      1.27-2         The EXT2 file system utilities and libraries
ii  ed             0.2-19         The classic unix line editor
ii  fdutils        5.3-7          Linux floppy utilities
ii  file           3.37-3.1.woody Determines file type using "magic" numbers
ii  fileutils      4.1-10         GNU file management utilities
ii  findutils      4.1.7-2        utilities for finding files--find, xargs, an
ii  finger         0.17-6         User information lookup program.
ii  flex           2.5.4a-24      A fast lexical analyzer generator.
ii  freeswan       1.96-1.4       IPSEC utilities for FreeSWan
ii  ftp            0.17-9         The FTP client.
ii  g++            2.95.4-14      The GNU C++ compiler.
ii  g++-2.95       2.95.4-11woody The GNU C++ compiler.
ii  gawk           3.1.0-3        GNU awk, a pattern scanning and processing l
ii  gcc            2.95.4-14      The GNU C compiler.
ii  gcc-2.95       2.95.4-11woody The GNU C compiler.
ii  gcc-3.0        3.0.4-7        The GNU C compiler.
ii  gcc-3.0-base   3.0.4-7        The GNU Compiler Collection (base package).
ii  gdb            5.2.cvs2002040 The GNU Debugger
ii  gettext-base   0.10.40-5      GNU Internationalization utilities for the b
ii  gnupg          1.0.6-4woody3  GNU privacy guard - a free PGP replacement.
ii  grep           2.4.2-3        GNU grep, egrep and fgrep.
ii  groff-base     1.17.2-15.wood GNU troff text-formatting system (base syste
ii  gsfonts        6.0-2          Fonts for the ghostscript interpreter
ii  gzip           1.3.2-3woody1  The GNU compression utility.
ii  hostname       2.09           A utility to set/show the host name or domai
ii  ifupdown       0.6.4-4        High level tools to configure network interf
ii  info           4.1-2          Standalone GNU Info documentation browser
ii  ipcheck        0.157-2        Dyndns.org client to register your dynamic I
ii  iproute        20010824-8wood Professional tools to control the networking
ii  iptables       1.2.6a-5       IP packet filter administration tools for 2.
ii  iptraf         2.5.0-4        Interactive Colorful IP LAN Monitor
ii  ispell         3.1.20-21.1    International Ispell (an interactive spellin
ii  kernel-headers 26             Kernel header files for all sparc sub archit
ii  kernel-image-2 1              Linux kernel binary image for version 2.4.18
ii  kernel-image-2 1              Linux kernel binary image for version 2.4.19
ii  kernel-package 7.107          Debian Linux kernel package build scripts.
ii  kernel-patch-f 1.96-1.4       IPSEC kernel support for FreeSwan
ii  kernel-source- 2.4.19-4.woody Linux kernel source for version 2.4.19
ii  klogd          1.4.1-10       Kernel Logging Daemon
ii  language-env   0.38           simple configuration tool for native languag
ii  less           374-4          A file pager program, similar to more(1)
ii  libbz2-1.0     1.0.2-1        A high-quality block-sorting file compressor
ii  libc6          2.2.5-11.5     GNU C Library: Shared libraries and Timezone
ii  libc6-dev      2.2.5-11.5     GNU C Library: Development Libraries and Hea
ii  libcap1        1.10-12        support for getting/setting POSIX.1e capabil
ii  libgcc1        3.0.4-7        GCC support library.
ii  libgdbmg1      1.7.3-27       GNU dbm database routines (runtime version).
ii  libglib1.2     1.2.10-4       The GLib library of C routines
ii  libgmp3        4.0.1-3        Multiprecision arithmetic library
ii  liblockfile1   1.03           NFS-safe locking library, includes dotlockfi
ii  liblwres1      9.2.1-2.woody. Lightweight Resolver Library used by BIND
ii  libncurses5    5.2.20020112a- Shared libraries for terminal handling
ii  libncurses5-de 5.2.20020112a- Developer's libraries and docs for ncurses
ii  libnss-db      2.2-6          DB Name Service Module
ii  libpam-modules 0.72-35        Pluggable Authentication Modules for PAM
ii  libpam-runtime 0.72-35        Runtime support for the PAM library
ii  libpam0g       0.72-35        Pluggable Authentication Modules library
ii  libpcap0       0.6.2-2        System interface for user-level packet captu
ii  libperl5.6     5.6.1-8.7      Shared Perl library.
ii  libpopt0       1.6.2-7        lib for parsing cmdline parameters
ii  libpt-1.2.0    1.2.5-5woody1  Portable Windows Library
ii  libreadline4   4.2a-5         GNU readline and history libraries, run-time
ii  librpm4        4.0.3-4        RPM shared library
ii  libsasl7       1.5.27-3       Authentication abstraction library.
ii  libssl-dev     0.9.6c-2.woody SSL development libraries, header files and 
ii  libssl0.9.6    0.9.6c-2.woody SSL shared libraries
ii  libstdc++2.10- 2.95.4-11woody The GNU stdc++ library (development files)
ii  libstdc++2.10- 2.95.4-11woody The GNU stdc++ library
ii  libstdc++3     3.0.4-7        The GNU stdc++ library version 3
ii  libwrap0       7.6-9          Wietse Venema's TCP wrappers library
ii  lilo           22.2-3         LInux LOader - The Classic OS loader can loa
ii  locales        2.2.5-11.5     GNU C Library: National Language (locale) da
ii  login          20000902-12    System login tools
ii  logrotate      3.5.9-8        Log rotation utility
ii  lsof           4.57-1         List open files.
ii  lynx           2.8.4.1b-3.2   Text-mode WWW Browser
ii  m4             1.4-14         a macro processing language
ii  mailx          8.1.2-0.200204 A simple mail user agent.
ii  make           3.79.1-14      The GNU version of the "make" utility.
ii  makedev        2.3.1-58       Creates device files in /dev.
ii  man-db         2.3.20-18.wood The on-line manual pager
ii  manpages       1.39-1.1       Man pages about using a Linux system.
ii  manpages-dev   1.39-1.1       Linux-development man pages.
ii  mawk           1.3.3-8        a pattern scanning and text processing langu
ii  mbr            1.1.5-1        Master Boot Record for IBM-PC compatible com
ii  menu           2.1.5-10.1     provides update-menus functions for some app
ii  mime-support   3.18-1.3       MIME files 'mime.types' & 'mailcap', and sup
ii  modconf        0.2.43         Device Driver Configuration
ii  modutils       2.4.15-1       Linux module utilities.
ii  mount          2.11n-7        Tools for mounting and manipulating filesyst
ii  mpack          1.5-7woody2    Tools for encoding/decoding MIME messages.
ii  mtools         3.9.8-7        Tools for manipulating MSDOS files
ii  mutt           1.3.28-2.2     Text-based mailreader supporting MIME, GPG, 
ii  nano           1.0.6-3        free Pico clone with some new features
ii  ncurses-base   5.2.20020112a- Descriptions of common terminal types
ii  ncurses-bin    5.2.20020112a- Terminal-related programs and man pages
ii  ncurses-term   5.2.20020112a- Additional terminal type definitions
ii  net-tools      1.60-4         The NET-3 networking toolkit
ii  netbase        4.07           Basic TCP/IP networking system
ii  netkit-inetd   0.10-9         The Internet Superserver
ii  netkit-ping    0.10-9         The ping utility from netkit
ii  nfs-common     1.0-2woody1    NFS support files common to client and serve
ii  nfs-kernel-ser 1.0-2woody1    Kernel NFS server support
ii  ntpdate        4.1.0-8        The ntpdate client for setting system time f
ii  nullmailer     1.00RC5-16.1wo Simple relay-only mail transport agent
ii  nvi            1.79-20        4.4BSD re-implementation of vi.
ii  openssl        0.9.6c-2.woody Secure Socket Layer (SSL) binary and related
ii  passwd         20000902-12    Change and administer password and group dat
ii  patch          2.5.4-11       Apply a diff file to an original
ii  pciutils       2.1.9-4        Linux PCI Utilities (for 2.[1234].x kernels)
ii  perl           5.6.1-8.7      Larry Wall's Practical Extraction and Report
ii  perl-base      5.6.1-8.7      The Pathologically Eclectic Rubbish Lister.
ii  perl-modules   5.6.1-8.7      Core Perl modules.
ii  portmap        5-2            The RPC portmapper
ii  ppp            2.4.2+20031002 Point-to-Point Protocol (PPP) daemon
ii  procps         2.0.7-8.woody1 The /proc file system utilities.
ii  psmisc         20.2-2.1       Utilities that use the proc filesystem
ii  python         2.1.3-3.2      An interactive object-oriented scripting lan
ii  python-newt    0.50.17-9.6    A newt module for Python.
ii  python2.1      2.1.3-3.2      An interactive object-oriented scripting lan
ii  reportbug      1.50           Reports bugs in the Debian distribution.
ii  rpm            4.0.3-4        Red Hat Package Manager
ii  screen         3.9.11-5woody1 A terminal multiplexor with VT100/ANSI termi
ii  scrollkeeper   0.3.6-3.1      A free electronic cataloging system for docu
ii  sed            3.02-8         The GNU sed stream editor.
ii  setserial      2.17-24        Controls configuration of serial ports.
ii  sgml-base      1.14           utilities to maintain the SGML catalog file
ii  sgml-data      1.5.5          common SGML DTDs and entities
ii  sharutils      4.2.1-9        shar, unshar, uuencode, uudecode
ii  shellutils     2.0.11-11      The GNU shell programming utilities.
ii  slang1         1.4.4-7.2      The S-Lang programming library - runtime ver
ii  ssh            3.4p1-1.woody. Secure rlogin/rsh/rcp replacement (OpenSSH)
ii  strace         4.4-1.2        A system call tracer.
ii  sysklogd       1.4.1-10       System Logging Daemon
ii  sysvinit       2.84-2woody1   System-V like init.
ii  tar            1.13.25-2      GNU tar
ii  tasksel        1.18           Tool for selecting tasks for installation on
ii  tcpd           7.6-9          Wietse Venema's TCP wrapper utilities
ii  tcsh           6.11.00-2.1    TENEX C Shell, an enhanced version of Berkel
ii  telnet         0.17-18        The telnet client.
ii  texinfo        4.1-2          Documentation system for on-line information
ii  textutils      2.0-12         The GNU text file processing utilities.
ii  time           1.7-11         The GNU time command.
ii  traceroute     1.4a12-9       Traces the route taken by packets over a TCP
ii  util-linux     2.11n-7        Miscellaneous system utilities.
ii  vim            6.1.018-1      Vi IMproved - enhanced vi editor
ii  wget           1.8.1-6.1      retrieves files from the web
ii  whiptail       0.50.17-9.6    Displays user-friendly dialog boxes from she
ii  whois          4.5.25         The GNU whois client
ii  zlib1g         1.1.4-1.0woody compression library - runtime

Powered by blists - more mailing lists