On 2/21/2013 11:17 AM, David Hahn wrote: > Not everyone has local access to the routers..
Sometimes it's a blessing, sometimes it's a curse. ;) > How about controlling access with the hosts files.? We have always used > them and install > a small program that runs every 5 mins. on the users site that registers > only their IP address. Any > shell login sends the system admin a email too. Working on a simple > script to alert the admin > if it sees the libkeyutils.so.1.9... If we find this what should we do > with it? Restricting access with hosts.deny / hosts.allow is not going to be effective against this exploit, since tcpwrappers will not stop the problem. You'll need to restrict access to SSH with a firewall of some sort (ie: hardware firewall, ACL at the router, or IPTABLES) to avoid getting hit by this. -- Chris Gebhardt VIRTBIZ Internet Services Access, Web Hosting, Colocation, Dedicated www.virtbiz.com | toll-free (866) 4 VIRTBIZ _______________________________________________ Blueonyx mailing list Blueonyx@mail.blueonyx.it http://mail.blueonyx.it/mailman/listinfo/blueonyx
