2006-08-29 07:16:13
Brian Ealdwine
description
Binary package hint: openssh-server
Granted, I should have been paying attention.
But.
I hadn't changed the root password from initial install - I just use sudo.
Each character of a password is one of over 60 possibilities.
..so a 3-character password entails over 200,000 possibilities.
..which gives them a 23% chance of having cracked my system in the number of tries they did - if it was a 3-character password. A 4-character password makes it a 0.3% chance; a 5-character password makes it a 0.00006% chance. You get the picture.
so, some information:
I'm running Kubuntu LTS, with "OpenSSH_4.2p1 Debian-7ubuntu3, OpenSSL 0.9.8a"
and, some questions:
..why was my system hacked in only ~50,000 tries? ..my own idiocy aside -- Is there a bug in openssh-server, or some other vulnerability I don't know about? ..if so, is there a patch coming out soon?
..I thought there was no password/no potential for login other than 'sudo bash' or 'sudo su' for the root account in (k)Ubuntu. Is this not the case?
..why does openssh-server in (k)Ubuntu allow root logins by default, particularly with the whole "rootless" idea going on?
..and, of course.. What potentially useful information can I provide to help this get fixed?
Please don't just blow me off on this - I think there's an actual issue here. If you do, please give solid reason why you think it's probable that someone hacked my system in that time.
Compromise occurred on Aug. 14th.
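An added example, not part of the bug report or of the openssh package: a small Python script that parses the standard OpenSSH "Failed password" / "Accepted password" auth-log lines, counts attempts per source address, and flags the pattern the reporter describes (a long run of failed root logins followed by a successful one). The log lines, hostnames and addresses are constructed samples, and the probability helper reproduces the reporter's "60 possibilities per character" estimate.

```python
import re
from collections import defaultdict

# OpenSSH auth-log wording for password failures and successes.
FAILED_RE = re.compile(
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+")
ACCEPTED_RE = re.compile(
    r"Accepted (?P<method>\w+) for (?P<user>\S+) from (?P<ip>\S+) port \d+")

def guess_success_probability(attempts, length, alphabet=60):
    """Chance that `attempts` distinct guesses hit a uniformly random password of
    `length` characters over `alphabet` symbols (the reporter's 60-symbol estimate)."""
    return min(1.0, attempts / alphabet ** length)

def analyse_auth_log(lines, threshold=10):
    """Count failed password attempts per (source IP, user) and raise an alert when a
    source exceeds `threshold` failures, or when a login succeeds from a source that
    had already failed (the 'guessed it eventually' pattern from this report)."""
    failures = defaultdict(int)
    alerts = []
    for line in lines:
        m = FAILED_RE.search(line)
        if m:
            key = (m["ip"], m["user"])
            failures[key] += 1
            if failures[key] == threshold + 1:
                alerts.append(f"brute-force: {m['ip']} exceeded {threshold} "
                              f"failures for {m['user']}")
            continue
        m = ACCEPTED_RE.search(line)
        if m:
            prior = sum(n for (ip, _), n in failures.items() if ip == m["ip"])
            if prior:
                alerts.append(f"success-after-{prior}-failures: {m['user']} "
                              f"from {m['ip']} via {m['method']}")
    return dict(failures), alerts

# Constructed sample log (TEST-NET addresses); not taken from the report.
SAMPLE_LOG = [
    f"Aug 14 03:12:{s:02d} host sshd[2210]: Failed password for root "
    f"from 203.0.113.7 port {40000 + s} ssh2" for s in range(12)
] + [
    "Aug 14 03:12:30 host sshd[2211]: Failed password for invalid user admin "
    "from 203.0.113.7 port 40020 ssh2",
    "Aug 14 03:13:05 host sshd[2212]: Failed password for root from 198.51.100.3 port 5022 ssh2",
    "Aug 14 03:14:41 host sshd[2213]: Accepted password for root from 203.0.113.7 port 40031 ssh2",
]

if __name__ == "__main__":
    print(f"3-char password, 50,000 tries: {guess_success_probability(50000, 3):.1%}")
    for alert in analyse_auth_log(SAMPLE_LOG)[1]:
        print(alert)
```

On a real host the same loop can be fed from `/var/log/auth.log`; the threshold is deliberately low here so the constructed sample triggers both alert types.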