Greg Smith
2008-09-17 21:23:41 UTC
Hi Guys,
I replied off list to this one. In short it was not a default XS install
and where we differed we err'd.
I would really appreciate the help of any security experts one out there
who wants to help lock down an XS on the Internet. I would even
appreciate help explaining when and how to communicate security issues
on public lists.
We can make it a honey pot too if we want to learn more...
Thanks,
Greg S
I replied off list to this one. In short it was not a default XS install
and where we differed we err'd.
I would really appreciate the help of any security experts one out there
who wants to help lock down an XS on the Internet. I would even
appreciate help explaining when and how to communicate security issues
on public lists.
We can make it a honey pot too if we want to learn more...
Thanks,
Greg S
Send Security mailing list submissions to
security at lists.laptop.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.laptop.org/listinfo/security
or, via email, send a message with subject or body 'help' to
security-request at lists.laptop.org
You can reach the person managing the list at
security-owner at lists.laptop.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Security digest..."
1. XS Server Security (Greg Smith)
2. Re: XS Server Security (Ra?l Guti?rrez S.)
----------------------------------------------------------------------
Message: 1
Date: Wed, 17 Sep 2008 07:37:22 -0400
From: Greg Smith <gregsmitholpc at gmail.com>
Subject: [OLPC Security] XS Server Security
To: security at lists.laptop.org
Message-ID: <48D0EBF2.3050406 at laptop.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Hi All,
I have an XS server on the Internet. It was broken in to via a
dictionary style attack in August.
That style attack is now blocked but we're still being probed and
attacked somewhat regularly.
I have some background on what has been happening. Its under control but
I could use a security expert who we know and trust to help analyze the
past and investigate possible future vulnerabilities.
Let me know if there is someone interested in helping with this.
Thanks,
Greg S
------------------------------
Message: 2
Date: Wed, 17 Sep 2008 09:06:06 -0400
From: Ra?l Guti?rrez "S." <rgs at rieder.net.py>
Subject: Re: [OLPC Security] XS Server Security
To: greg at laptop.org
Cc: security at lists.laptop.org
Message-ID: <1221656766.6403.2.camel at laptop.personal.com.py>
Content-Type: text/plain; charset=UTF-8
Greg,
Best regards.
security at lists.laptop.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.laptop.org/listinfo/security
or, via email, send a message with subject or body 'help' to
security-request at lists.laptop.org
You can reach the person managing the list at
security-owner at lists.laptop.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Security digest..."
1. XS Server Security (Greg Smith)
2. Re: XS Server Security (Ra?l Guti?rrez S.)
----------------------------------------------------------------------
Message: 1
Date: Wed, 17 Sep 2008 07:37:22 -0400
From: Greg Smith <gregsmitholpc at gmail.com>
Subject: [OLPC Security] XS Server Security
To: security at lists.laptop.org
Message-ID: <48D0EBF2.3050406 at laptop.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Hi All,
I have an XS server on the Internet. It was broken in to via a
dictionary style attack in August.
That style attack is now blocked but we're still being probed and
attacked somewhat regularly.
I have some background on what has been happening. Its under control but
I could use a security expert who we know and trust to help analyze the
past and investigate possible future vulnerabilities.
Let me know if there is someone interested in helping with this.
Thanks,
Greg S
------------------------------
Message: 2
Date: Wed, 17 Sep 2008 09:06:06 -0400
From: Ra?l Guti?rrez "S." <rgs at rieder.net.py>
Subject: Re: [OLPC Security] XS Server Security
To: greg at laptop.org
Cc: security at lists.laptop.org
Message-ID: <1221656766.6403.2.camel at laptop.personal.com.py>
Content-Type: text/plain; charset=UTF-8
Greg,
I have an XS server on the Internet. It was broken in to via a
dictionary style attack in August.
The dictionary attack was played against the root password via SSH?dictionary style attack in August.
That style attack is now blocked but we're still being probed and
attacked somewhat regularly.
How was it blocked?attacked somewhat regularly.
Best regards.