On Thu, 2004-08-26 at 03:26, Henrik Persson wrote: > On Thu, 2004-08-26 at 00:32, Richard Verwayen wrote: > > Hello list! > > > > A few weeks ago there was a discussion about automated ssh scanning with > > user/password combinations like guest/guest or admin/admin. > > I set up a debian woody fully patched with both accounts activated, and > > got rooted some days later... > *snip* > > Uhm. How do you mean, "fully patched"? What kernel were you running? Hello Henrik
I am relying on the debian software distribution system, so it was there latest stable kernel-source for woody. So it was the latest debianised 2.4.19. Shouldn't I believe it secured against these exploits? Richard _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
