Re: spooky windows script

To: debian-security@lists.debian.org
Subject: Re: spooky windows script
From: Lee Braiden <lee.b@digitalunleashed.com>
Date: Wed, 9 May 2007 07:10:47 +0100
Message-id: <200705090710.48814.lee.b@digitalunleashed.com>
In-reply-to: <1178660070.7094.3.camel@sophie.cantv.net>
References: <8iATq-62T-25@gated-at.bofh.it> <lds.0705082224.2326@windlord.akallabeth.de> <1178660070.7094.3.camel@sophie.cantv.net>

On Tuesday 08 May 2007 22:34:30 Gerardo Curiel wrote:
> El mar, 08-05-2007 a las 22:24 +0200, Thomas Hochstein escribió:
> > Chris Adams schrieb:
> > > Do you have a VNC server installed?
> > >
> > | But I do have vino-server running.
> >
> > Yes.
>
> That's the problem, the same happened to me a couple of weeks ago, in my
> Desktop(a newly installed Debian Unstable).
>
> Vino seems to open the vnc port to the outside without password when
> installed by default.

I would say the problem is more that his system is configured to allow any 
servers without explicit authorisation.  That could just as easily have been 
a trojan or rootkit opening a port.  Best to setup your firewall to block all 
incoming connections by default, and explicitly allow only what your system 
is actually serving, and only to machines it needs to serve.

-- 
Lee

Reply to:

References:
- Re: spooky windows script
  - From: Thomas Hochstein <ml@ancalagon.inka.de>
- Re: spooky windows script
  - From: Gerardo Curiel <gcuriel@gmail.com>

Prev by Date: Re: spooky windows script
Next by Date: Re: spooky windows script
Previous by thread: Re: spooky windows script
Next by thread: Re: spooky windows script
Index(es):
- Date
- Thread