Re: Enabling telnet, ftp, pop3 for root...



Ertugrul Soeylemez wrote:

matt_left_coast <not@xxxxxxxxxx> (06-04-10 15:32:21):

Any script kiddie can attack vulnerabilities in your knockd (or
whatever you're using). No difference. But my variant is much
easier to use.

How, specifically? portknocking is not connected to any port, so how
would they attack it? All port knocking does it watch a text file, so
HOW are they going to attack, SPECIFICALLY? Even IF they get past the
portknocking, they would STILL only be at the point where YOUR system
is at. They would have to have an unpached exploit for BOTH
portknocking (since it is not connected to any port, not at all
likely) AND ssh AT THE SAME TIME. I would say the likelyhood of that
is virtually non-existant. If you want to debate that, figure out
portknocking and supply a SPECIFIC method of attack.

See another post. If the security vulnerability history of knockd is
not enough for you, then you're lost.

Where is the remote exploitable security vunerability. And don't go listing
a bunch of non-security related "bug fixes" from a "change log". Not
everything in a change log is there for security reasons, not every bug fix
is related to security.



Oh? Never mind that you repeatedly attacked me for using "Again,
that's security by obscurity" When I was securing a port by
SHUTTING IT DOWN, not obscuring it the way YOU did when you put it
on a non-standard port! You falsely attacked ME when it was YOU
that is the one that is guilty of "security by obscurity"

I've already told you, I didn't move the port to hide it.

Yes, you did. You hid it FROM:

Port 22 is constantly bruteforced by script kiddies searching IP
address ranges and

To avoid security attacks like "bruteforced by script kiddies" and:

trying trivial user/pass combinations.

and other consciences, like:

This adds useless traffic, so I moved it away to save that traffic.

By your own words, you are a liar.

Maybe you should read a paragraph entirely, before replying. First, I
didn't talk about 'security attacks' anywhere here. I talked about
useless traffic. To avoid that useless traffic (caused by those script-
kiddies mentioned), I moved it.

If they are "constantly bruteforced by script kiddies searching IP address
ranges and trying trivial user/pass combinations" they are attempting to
break-in. You are moving the port to avoid the consequences of an attack.
That IS a security issue.


Don't you understand anything?

I understand that you are playing semantics.

Again: At least you have babbled and
got attention.

And you have babbled and proven you know not what you are talking about.



.



Relevant Pages

  • RE: Concepts: Security and Obscurity
    ... The cost of initiating the attack is not increased ... way but listening on some completely off-the-wall port and non-default ... Subject: Concepts: Security and Obscurity ...
    (Security-Basics)
  • Re: Need urgent help regarding security
    ... > improve it significantly though only from one popular attack vector. ... > security features of FreeBSD's inetd. ... > reduce their exposure by moving sshd to a port other than 22. ... Take passwords for example. ...
    (FreeBSD-Security)
  • Re: More SSH trolling
    ... What you can do is to use portknocking. ... "unjustified sense of security"? ... If they get no response to port 22 then they general move ... opportunity to try dictionary attacks looking for weak passwords on your ...
    (Fedora)
  • Re: Enabling telnet, ftp, pop3 for root...
    ... All port knocking does it watch a text file, ... HOW are they going to attack, ... portknocking, they would STILL only be at the point where YOUR system ... If the security vulnerability history of knockd is ...
    (alt.os.linux)
  • Re: Attacker damaged my system via ssh. I m shocked.
    ... my comment was more of "not really security". ... No, is not, is only getting rid of the entries in the log. ... scripts can then be changed to attack the port you used to _hide_ ssh on. ...
    (comp.os.linux.misc)