Re: SFTP question
On 12/25/2014 8:54 AM, Andre N Batista wrote:
> On Wed, Dec 24, 2014 at 11:18:36AM -0500, Jerry Stuckle wrote:
>> On 12/24/2014 2:01 AM, Danny wrote:
>>> Hi Bob,
>>>
>>> You were right, SFTP, FileZilla and Proftp confused the hell out of me ... lol
>>> ... I must add in my defense though that I was in a state of panic after syslog
>>> warned me of an attack by someone during the night via ssh ... So I frantically tried to
>>> make ssh and Proftp work together without reading the online guides properly ...
>>>
>>> Sometimes one does stupid things ... lol ...
>>>
>>> Thanks for everyone's input ...
>>>
>>> Danny
>>>
>>
>> Danny,
>>
>> As a side note - don't panic over SSH attacks. Instead, use the right
>> tools and techniques to secure your systems and let them do their jobs.
>> Monitor the server to ensure you didn't leave any holes.
>>
>> For instance, Fail2ban blocked over 100 IP's from accessing one of my
>> servers on yesterday alone. The attacks keep coming, but none have ever
>> succeeded.
>
> Not surprisingly, I mostly agree with the advice given here, we all
> learnt from the same sources.
>
> Nonetheless, since you claimed to be using puTTy for your ssh needs on
> windows, I should warn you that recently someone claimed to be able to
> use it as a means to compromise a ssh server:
>
> http://seclists.org/fulldisclosure/2014/Dec/42
>
> I have not put it's claims to test, but since the last stable version of
> putty dates back one year
>
> http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
>
> and since there seems to be no mention of this bug on putty bug tracking
> system
>
> http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/
>
> I guess you should deploy it at large, at least until it has been fixed.
>
> Good luck!
>
It's possible to corrupt ANY program if you replace a .dll or .so with
your own code.
Jerry
Reply to: