[prev in list] [next in list] [prev in thread] [next in thread]
List: debian-security
Subject: Re: ssh keyscanning!?
From: "Karl E. Jorgensen" <karl () jorgensen ! com>
Date: 2002-03-21 12:32:51
[Download RAW message or body]
On Thu, Mar 21, 2002 at 01:00:51PM +0100, Daniel Kobras wrote:
> On Thu, Mar 21, 2002 at 10:31:02AM +0000, Karl E. Jorgensen wrote:
> > The firewalling I have in place only allows incoming connections for
> > ssh. UDP is locked down so only DNS works there. And by mistake (fixed now),
> > it also allowed incoming DHCP requests from the internet.
>
> Careful here. The first DHCP request from a freshly booted machine
> doesn't carry a local IP address (but either 0.0.0.0 or random crap).
> So make sure you don't filter by IP address, but by interface at most.
Yep. My mistake was just to filter by protocol + port number, and
ignoring the interface.
By now I have found that I only have dhcpd listening on eth0 (my
internal network). Which means that dhcpd was completely irrelevant
here. Sorry about the wild goosechase.
--
Karl E. Jørgensen
karl@jorgensen.com
www.karl.jorgensen.com
==== Today's fortune:
* JHM wonders what Joey did to earn "I'd just like to say, for the record,
that Joey rules."
-- Seen on #Debian
[Attachment #3 (application/pgp-signature)]
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic