Date: Mon, 5 Mar 2001 19:14:02 -0500 (EST) From: Igor Roshchin <str@giganda.komkon.org> To: freebsd-security@freebsd.org Cc: kris@obsecurity.org Subject: Re: ssh tricks - user running sshd Message-ID: <200103060014.TAA31449@giganda.komkon.org> In-Reply-To: <20010305130902.A85196@mollari.cthul.hu>
index | next in thread | previous in thread | raw e-mail
Well, there is another effectively similar, but probably less trackable way of doing the same. A user can run his own ssh daemon on a different (high-numbered) port, thus allowing himself to login without using the system's daemon. Since that user can configure the daemon so that no records are added to wtmp/utmp, and no logging is done to the system log. You can forbid running daemons by a policy, but it's rather difficult to make that completely impossible. Well, the point of this message is just to remind, that, as Kris said, there are many different things for an admin to remember. Igor To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the messagehome | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103060014.TAA31449>