Hi Guys, I replied off list to this one. In short it was not a default XS install and where we differed we err'd.
I would really appreciate the help of any security experts one out there who wants to help lock down an XS on the Internet. I would even appreciate help explaining when and how to communicate security issues on public lists. We can make it a honey pot too if we want to learn more... Thanks, Greg S [EMAIL PROTECTED] wrote: > Send Security mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.laptop.org/listinfo/security > or, via email, send a message with subject or body 'help' to > [EMAIL PROTECTED] > > You can reach the person managing the list at > [EMAIL PROTECTED] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Security digest..." > > > Today's Topics: > > 1. XS Server Security (Greg Smith) > 2. Re: XS Server Security (Ra?l Guti?rrez S.) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Wed, 17 Sep 2008 07:37:22 -0400 > From: Greg Smith <[EMAIL PROTECTED]> > Subject: [OLPC Security] XS Server Security > To: [email protected] > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain; charset=ISO-8859-1; format=flowed > > Hi All, > > I have an XS server on the Internet. It was broken in to via a > dictionary style attack in August. > > That style attack is now blocked but we're still being probed and > attacked somewhat regularly. > > I have some background on what has been happening. Its under control but > I could use a security expert who we know and trust to help analyze the > past and investigate possible future vulnerabilities. > > Let me know if there is someone interested in helping with this. > > Thanks, > > Greg S > > > ------------------------------ > > Message: 2 > Date: Wed, 17 Sep 2008 09:06:06 -0400 > From: Ra?l Guti?rrez "S." <[EMAIL PROTECTED]> > Subject: Re: [OLPC Security] XS Server Security > To: [EMAIL PROTECTED] > Cc: [email protected] > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain; charset=UTF-8 > > Greg, > > On Wed, 2008-09-17 at 07:37 -0400, Greg Smith wrote: >> I have an XS server on the Internet. It was broken in to via a >> dictionary style attack in August. > > The dictionary attack was played against the root password via SSH? > >> That style attack is now blocked but we're still being probed and >> attacked somewhat regularly. > > How was it blocked? > > Best regards. > _______________________________________________ Security mailing list [email protected] http://lists.laptop.org/listinfo/security
