[OLPC Security] Security Digest, Vol 23, Issue 2
Greg Smith
gregsmitholpc at gmail.com
Wed Sep 17 17:23:41 EDT 2008
Hi Guys,
I replied off list to this one. In short it was not a default XS install
and where we differed we err'd.
I would really appreciate the help of any security experts one out there
who wants to help lock down an XS on the Internet. I would even
appreciate help explaining when and how to communicate security issues
on public lists.
We can make it a honey pot too if we want to learn more...
Thanks,
Greg S
security-request at lists.laptop.org wrote:
> Send Security mailing list submissions to
> security at lists.laptop.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.laptop.org/listinfo/security
> or, via email, send a message with subject or body 'help' to
> security-request at lists.laptop.org
>
> You can reach the person managing the list at
> security-owner at lists.laptop.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Security digest..."
>
>
> Today's Topics:
>
> 1. XS Server Security (Greg Smith)
> 2. Re: XS Server Security (Ra?l Guti?rrez S.)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 17 Sep 2008 07:37:22 -0400
> From: Greg Smith <gregsmitholpc at gmail.com>
> Subject: [OLPC Security] XS Server Security
> To: security at lists.laptop.org
> Message-ID: <48D0EBF2.3050406 at laptop.org>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> Hi All,
>
> I have an XS server on the Internet. It was broken in to via a
> dictionary style attack in August.
>
> That style attack is now blocked but we're still being probed and
> attacked somewhat regularly.
>
> I have some background on what has been happening. Its under control but
> I could use a security expert who we know and trust to help analyze the
> past and investigate possible future vulnerabilities.
>
> Let me know if there is someone interested in helping with this.
>
> Thanks,
>
> Greg S
>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 17 Sep 2008 09:06:06 -0400
> From: Ra?l Guti?rrez "S." <rgs at rieder.net.py>
> Subject: Re: [OLPC Security] XS Server Security
> To: greg at laptop.org
> Cc: security at lists.laptop.org
> Message-ID: <1221656766.6403.2.camel at laptop.personal.com.py>
> Content-Type: text/plain; charset=UTF-8
>
> Greg,
>
> On Wed, 2008-09-17 at 07:37 -0400, Greg Smith wrote:
>> I have an XS server on the Internet. It was broken in to via a
>> dictionary style attack in August.
>
> The dictionary attack was played against the root password via SSH?
>
>> That style attack is now blocked but we're still being probed and
>> attacked somewhat regularly.
>
> How was it blocked?
>
> Best regards.
>
More information about the Security
mailing list