Re: My machine was hacked - possibly via sshd?

To: debian-security@lists.debian.org
Subject: Re: My machine was hacked - possibly via sshd?
From: Simon Heywood <simon@triv.org.uk>
Date: Wed, 30 Mar 2005 21:59:41 +0100
Message-id: <[🔎] 20050330205941.GA26510@triv.org.uk>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 1112126344.29644.40.camel@king.gregfolkert.net>
References: <[🔎] Pine.LNX.3.96.1050328121215.32223A-100000@Maggie.Linux-Consulting.com> <[🔎] 42487665.6030007@yahoo.com> <[🔎] 1112045480.1502.1.camel@localhost> <[🔎] 20050329022521.GC9746@infidel.spots.ab.ca> <[🔎] 4248F6D9.5050104@yahoo.ca> <[🔎] 20050329111842.GA16602@mood.ritram.it> <[🔎] 20050329123855.GD26154@triv.org.uk> <[🔎] 1112126344.29644.40.camel@king.gregfolkert.net>

On Tue, 29 Mar 2005 at 14:59:04 +0000, Greg Folkert wrote:
> On Tue, 2005-03-29 at 13:38 +0100, Simon Heywood wrote:
> > On Tue, 29 Mar 2005 at 13:18:42 +0000, Maurizio Lemmo - Tannoiser wrote:
> > > Sorry, but this isn't correct.  kernel 2.4.18-1 in woody is patched
> > > against known vulnerability.
> > 
> > The security team have quietly stopped updating it, preferring to
> > concentrate on the Sarge kernels.
> 
> Please back this up with proof please. Otherwise you'll be disliked even
> more for your obvious lack of tact.

Reading my post again, it does seem pretty rude, and I'm sorry for
causing offence. That wasn't my intention.

>From what I can tell, kernel updates in Woody have been postponed [1],
so there are a few unfixed vulnerabilities in 2.4.18-1. This doesn't
appear to be widely known amongst Debian users. Based on e-mail
exchanges, I gathered that it was due a combination of the large number
of kernel packages in Woody and busy developers.

> Maybe because of this little fact you might just want to point out:
> 
> Maintainer for kernel-source-2.4.18 is Herbert Xu <herbert@debian.org>
> 
> As if you don't know the implications of that.

A quick search has informed me that he resigned from Debian almost a
year ago; I wasn't aware of this.

> IIRC, You were in the argument, though not hugely, which gave him
> cause to resign from Debian.

I don't recall having had any interaction with him.

S.

[1] http://lists.debian.org/debian-security/2005/01/msg00232.html

Reply to:

References:
- Re: My machine was hacked - possibly via sshd?
  - From: Alvin Oga <aoga@mail.Linux-Consulting.com>
- Re: My machine was hacked - possibly via sshd?
  - From: Malcolm Ferguson <Malcolm_Ferguson@yahoo.com>
- Re: My machine was hacked - possibly via sshd?
  - From: David Pastern <david@scsenterprises.com.au>
- Re: My machine was hacked - possibly via sshd?
  - From: "s. keeling" <keeling@spots.ab.ca>
- Re: My machine was hacked - possibly via sshd?
  - From: "Adam M." <ummajera@yahoo.ca>
- Re: My machine was hacked - possibly via sshd?
  - From: Maurizio Lemmo - Tannoiser <mizio@tenzione.it>
- Re: My machine was hacked - possibly via sshd?
  - From: Simon Heywood <simon@triv.org.uk>
- Re: My machine was hacked - possibly via sshd?
  - From: Greg Folkert <greg@gregfolkert.net>

Prev by Date: Re: bid 12877, apache mod_ssl remote DoS
Next by Date: Re: [OT] Release cycle - was Re: My machine was hacked - possibly via sshd?
Previous by thread: Re: My machine was hacked - possibly via sshd?
Next by thread: Re: My machine was hacked - possibly via sshd?
Index(es):
- Date
- Thread