From: Valdis.Kletnieks at vt.edu (Valdis.Kletnieks@...edu)
Subject: SSH Exploit Request 

On Fri, 14 Nov 2003 20:00:59 EST, Vladimir Parkhaev said:

> Hate to stick my nose in this thread... but how updating SSH daemon
> brings down a production system?

Well, *that* particular one is unlikely.  But I've seen it happen.

You install a borked build of ssh (shared lib dependencies are FUN),
restart it, your session goes bye-bye, and you can't get back in to
fix the runaway sshd that's chewing all the resources....

The more generic point is that in larger shops, you usually need to get
*everything* planned and OK'ed in advance, including backout plans. And
even then things go wrong.

I'm sure I'm not the only sysadmin who's SSH'ed in to an ill box, decided
a reboot was needed, and typed 'shutdown -i6 -g0 -y' (runlevel 6 to reboot,
zero seconds grace, and don't prompt me), and instead realized 7 seconds
later that what the other end *received* was '-i0 -g6 -y' (poweroff with
6 seconds warning), and made a bad situation worse.

What *I*'d like to know is how the transposition gremlins know that it's
2AM on a major holiday, or a snowstorm, or other reason that the NOC is
running lights-out and nobody's there to push the button to power it back on...