From owner-freebsd-security@FreeBSD.ORG Thu Sep 23 08:09:23 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A640B16A4CE for ; Thu, 23 Sep 2004 08:09:23 +0000 (GMT) Received: from mail.broadpark.no (mail.broadpark.no [217.13.4.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 636A543D53 for ; Thu, 23 Sep 2004 08:09:23 +0000 (GMT) (envelope-from des@des.no) Received: from dwp.des.no (37.80-203-228.nextgentel.com [80.203.228.37]) by mail.broadpark.no (Postfix) with ESMTP id E04FE5560; Thu, 23 Sep 2004 10:10:03 +0200 (MEST) Received: by dwp.des.no (Postfix, from userid 2602) id 39471B873; Thu, 23 Sep 2004 10:09:22 +0200 (CEST) To: Nick Cleaton References: <20040923045229.GJ5340@lt1.cleaton.net> <20040923070809.14655.qmail@web51010.mail.yahoo.com> <20040923072912.GK5340@lt1.cleaton.net> From: des@des.no (=?iso-8859-1?q?Dag-Erling_Sm=F8rgrav?=) Date: Thu, 23 Sep 2004 10:09:22 +0200 In-Reply-To: <20040923072912.GK5340@lt1.cleaton.net> (Nick Cleaton's message of "Thu, 23 Sep 2004 09:29:12 +0200") Message-ID: User-Agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable cc: freebsd-security@freebsd.org cc: Chris Ryan Subject: Re: Attacks on ssh port X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Sep 2004 08:09:23 -0000 Nick Cleaton writes: > I want access to my system from any IP address, so I've patched my > sshd so that a secret token is required to connect. Kinda like > using an obscure port, only more so :) > [...] > An alternative that avoids that would be to run something out of > inetd that reads the token and then execs sshd. Look up "replay attack" on google... DES --=20 Dag-Erling Sm=F8rgrav - des@des.no