Richard Verwayen wrote:
Hello list!
A few weeks ago there was a discussion about automated ssh scanning with user/password combinations like guest/guest or admin/admin. I set up a debian woody fully patched with both accounts activated, and got rooted some days later...
The attackers installed some software and irc-bots and tried to use this
host for testing other computers, thats not the point. I would like to
know where's the weak point in the system? As the system was updates on
a daily base! The only known weakness were these two accounts!
you didn't set up admin/admin as root did you?
just asking.
-d
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
