Date: Mon, 5 Mar 2001 19:14:02 -0500 (EST) From: Igor Roshchin <str@giganda.komkon.org> To: freebsd-security@freebsd.org Cc: kris@obsecurity.org Subject: Re: ssh tricks - user running sshd Message-ID: <200103060014.TAA31449@giganda.komkon.org> In-Reply-To: <20010305130902.A85196@mollari.cthul.hu>
next in thread | previous in thread | raw e-mail | index | archive | help
Well, there is another effectively similar, but probably less trackable way of doing the same. A user can run his own ssh daemon on a different (high-numbered) port, thus allowing himself to login without using the system's daemon. Since that user can configure the daemon so that no records are added to wtmp/utmp, and no logging is done to the system log. You can forbid running daemons by a policy, but it's rather difficult to make that completely impossible. Well, the point of this message is just to remind, that, as Kris said, there are many different things for an admin to remember. Igor To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103060014.TAA31449>