LinuxQuestions.org

My First Brush With Linux Malware (https://www.linuxquestions.org/questions/slackware-14/my-first-brush-with-linux-malware-4175501872/)

jtsn 04-21-2014 12:59 PM

Quote:

Originally Posted by bormant (Post 5156046)
new default will break remote installation of Slackware, because now setup doesn't create a regular user, and if we skip chroot to /mnt and do not create a regular user manually at the setup phase, this installation will be inaccessible for first remote login.
As for me, mentioning this potential security problem in the documentation is still enough.

Isn't Slackware supposed to ship the upstream default configuration in line with OpenSSH documentation? Do we need this sort of distro-based handholding?

TobiSGD 04-21-2014 09:53 PM

Quote:

Originally Posted by jtsn (Post 5156606)
Isn't Slackware supposed to ship the upstream default configuration in line with OpenSSH documentation? Do we need this sort of distro-based handholding?

This option is configured the same way in the OpenSSH tarball from their website, so actually this is the upstream default.

mancha 04-22-2014 12:08 AM

Quote:

Originally Posted by jtsn (Post 5156606)
Isn't Slackware supposed to ship the upstream default configuration in line with OpenSSH documentation?

I don't see why Pat is bound by anything other than his own judgment in terms of what Slackware ships.

As for OpenSSH upstream, they're not prescriptive:
"The default configuration should be instantly usable, though you should review it
to ensure that it matches your security requirements." [emphasis mine]
--mancha

Bertman123 04-22-2014 12:30 PM

I don't have a server and just use Slackware for web surfing, email, and watching Amazon Prime and Hulu Plus videos... I try to disable ssh and anything else I can for security purposes. I try to be security conscious without being security paranoid... if that makes any sense...

moisespedro 04-25-2014 08:17 PM

Quote:

Originally Posted by Bertman123 (Post 5157200)
I don't have a server and just use Slackware for web surfing, email, and watching Amazon Prime and Hulu Plus videos... I try to disable ssh and anything else I can for security purposes. I try to be security conscious without being security paranoid... if that makes any sense...

I do the same

nausicaa 05-25-2014 10:28 AM

I have a similar problem. I found out that there is an executable file .SSH2 in the /etc/ folder. Delete it. It probably causes the creation of another executable file .sshdd1401029612 in the /tmp/ directory that causes all the troubles. I checked it using htop. The file is big. The other files sfewfesfs, sfewfesfshgfhddsfew, sdmfdsfhjfe, gfhjrtfyhuf, dsfrefr, ferwfrre were probably just dummy files.

unSpawn 05-25-2014 10:53 AM

Quote:

Originally Posted by nausicaa (Post 5176778)
I found out that there is an executable file .SSH2 in the /etc/ folder. Delete it.

Note deleting files without listing (volatile) details, investigating how it got there and ensuring it can't happen again is bad.


Quote:

Originally Posted by nausicaa (Post 5176778)
The other files sfewfesfs, sfewfesfshgfhddsfew, sdmfdsfhjfe, gfhjrtfyhuf, dsfrefr, ferwfrre were probably just dummy files.

See https://www.linuxquestions.org/quest...1/#post5167596 and https://www.linuxquestions.org/quest...1/#post5169774
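
unSpawn's point about listing (volatile) details before deleting anything, as an added example that is not part of any post in this thread. The function name `collect_evidence` and the report layout are assumptions made for illustration; it records a suspect file's metadata and hash, plus any running processes whose `/proc/PID/exe` points at that path, including a copy that has since been deleted.

```shell
#!/bin/sh
# Added example (not from the thread): record details about a suspect file
# BEFORE removing it. Function name and report layout are hypothetical.

# collect_evidence FILE OUTDIR
# Writes a text report into OUTDIR and prints the report's path.
collect_evidence() {
    target="$1"; outdir="$2"
    [ -e "$target" ] || { echo "no such file: $target" >&2; return 1; }
    mkdir -p "$outdir" || return 1
    real=$(readlink -f "$target")
    report="$outdir/evidence-$(basename "$target").$(date -u +%Y%m%dT%H%M%SZ).txt"
    {
        echo "target: $real"
        echo "collected_utc: $(date -u +%Y-%m-%dT%H:%M:%SZ)"
        echo "--- metadata (owner, mode, size, timestamps)"
        stat "$real" || true
        echo "--- sha256"
        sha256sum "$real" || true
        echo "--- processes executing this path (volatile)"
        for p in /proc/[0-9]*; do
            # Unreadable or vanished processes are skipped silently.
            exe=$(readlink "$p/exe" 2>/dev/null) || continue
            case "$exe" in
                # "(deleted)" marks a process still running a removed copy.
                "$real"|"$real (deleted)")
                    cmd=$(tr '\0' ' ' < "$p/cmdline" 2>/dev/null) || cmd="?"
                    cwd=$(readlink "$p/cwd" 2>/dev/null) || cwd="?"
                    echo "pid=${p#/proc/} exe=$exe cwd=$cwd cmdline=$cmd"
                    ;;
            esac
        done
    } > "$report" 2>&1
    echo "$report"
}
```

Run it as root so that other users' `/proc/PID/exe` links are readable, and write the report to storage outside the suspect system.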


All times are GMT -5.