| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200311150210.hAF2A5La005821@turing-police.cc.vt.edu> From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu) Subject: SSH Exploit Request On Fri, 14 Nov 2003 20:00:59 EST, Vladimir Parkhaev said: > Hate to stick my nose in ths thread... but how updating SSH daemon > brings down a production system? Well, *that* particular one is unlikely. But I've seen it happen. You install a borked build of ssh (shared lib dependencies are FUN), restart it, your session goes bye-bye, and you can't get back in to fix the runaway sshd that's chewing all the resources.... The more generic point is that in larger shops, you usually need to get *everything* planned and OK'ed in advance, including backout plans. And even then things go wrong. I'm sure I'm not the only sysadmin who's SSH'ed in to an ill box, decided a reboot was needed, and typed 'shutdown -i6 -g0 -y' (runlevel 6 to reboot, zero seconds grace, and don't prompt me), and instead realized 7 seconds later that what the other end *received* was '-i0 -g6 -y' (poweroff with 6 seconds warning), and made a bad situation worse. What *I*'d like to know is how the transposition gremlins know that it's 2AM on a major holiday, or a snowstorm, or other reason that the NOC is running lights-out and nobody's there to push the button to power it back on... -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 226 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20031114/af86d5bd/attachment.bin
Powered by blists - more mailing lists