Hi Alexis, Depends on how up to date your HTTP and SSH Servers are. SSH - Anything pre 2.0 is vulnerable to a crc32 exploit yielding root priveliges - upgrade now (30% of SSH Servers are still vulnerable to this over 1 year since it was first made public). HTTPD - (Apache) there have been plenty - but up-to-date patches should keep you ok. www.securityfocus.com is the place to go where you can search by product, distro and others. Set an hour or so aside because there's tons. While you're there you can subscribe to bugtraq, which will advise you of any new exploits as they break. HTH Regards Earl
[earl.brannigan@lindenhouse.co.uk] www.lindenhouse.co.uk Intellectual : Someone who can spend a whole day locked in a room with a tea cosy without once thinking of trying it on. Highbrow : Someone who can listen to the entire William Tell Overture without once thinking of the Lone Ranger.
-----Original Message----- From: main-admin@lists.alug.org.uk [mailto:main-admin@lists.alug.org.uk]On Behalf Of Alexis Sent: Wednesday 05 December 2001 00:05 To: main@lists.alug.org.uk Subject: [Alug] Security
Does anyone know of any attacks which can be made against a machine which only has ports for HTTP and SSH open? Assuming I don't have any silly CGI going on.
I'm only considering attacks which give the attacker a foothold. Fx. flooding doesn't count.
Thanks, Alexis
main@lists.alug.org.uk http://www.anglian.lug.org.uk/ http://lists.alug.org.uk/mailman/listinfo/main Unsubscribe? See message headers or the web site above!