
Re: SFTP question



 Hi.

On Thu, Dec 25, 2014 at 10:18:11AM -0500, Jerry Stuckle wrote:
> On 12/25/2014 8:54 AM, Andre N Batista wrote:
> > On Wed, Dec 24, 2014 at 11:18:36AM -0500, Jerry Stuckle wrote:
> >> On 12/24/2014 2:01 AM, Danny wrote:
> >>> Hi Bob,
> >>>
> >>> You were right, SFTP, FileZilla and Proftp confused the hell out of me ... lol
> >>> ... I must add in my defense though that I was in a state of panic after syslog
> >>> warned me of an attack by someone during the night via ssh ... So I frantically tried to
> >>> make ssh and Proftp work together without reading the online guides properly ...
> >>>
> >>> Sometimes one does stupid things ... lol ...
> >>>
> >>> Thanks for everyone's input ...
> >>>
> >>> Danny
> >>>
> >>
> >> Danny,
> >>
> >> As a side note - don't panic over SSH attacks.  Instead, use the right
> >> tools and techniques to secure your systems and let them do their jobs.
> >>  Monitor the server to ensure you didn't leave any holes.
> >>
> >> For instance, Fail2ban blocked over 100 IPs from accessing one of my
> >> servers yesterday alone.  The attacks keep coming, but none have ever
> >> succeeded.
> > 
> > Not surprisingly, I mostly agree with the advice given here, we all
> > learnt from the same sources.
> > 
> > Nonetheless, since you claimed to be using PuTTY for your ssh needs on
> > Windows, I should warn you that recently someone claimed to be able to
> > use it as a means to compromise an ssh server:
> > 
> > http://seclists.org/fulldisclosure/2014/Dec/42
> > 
> > I have not put its claims to the test, but since the last stable version of
> > PuTTY dates back one year
> > 
> > http://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
> > 
> > and since there seems to be no mention of this bug on the PuTTY bug tracking
> > system
> > 
> > http://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/
> > 
> > I guess you should deploy it at large, at least until it has been fixed.
> > 
> > Good luck!
> > 
> 
> It's possible to corrupt ANY program if you replace a .dll or .so with
> your own code.

Indeed. But a program which can be tricked into using your own library
instead of a system one is usually called vulnerable. I don't mean
LD_PRELOAD or LD_LIBRARY_PATH tricks but something akin to the braindead
Windows behavior (which looks for libraries in the current dir first).

Reco

