[prev in list] [next in list] [prev in thread] [next in thread] 

List:       debian-security
Subject:    Re: spooky windows script
From:       Lee Braiden <lee.b () digitalunleashed ! com>
Date:       2007-05-09 6:10:47
Message-ID: 200705090710.48814.lee.b () digitalunleashed ! com
[Download RAW message or body]

On Tuesday 08 May 2007 22:34:30 Gerardo Curiel wrote:
> El mar, 08-05-2007 a las 22:24 +0200, Thomas Hochstein escribió:
> > Chris Adams schrieb:
> > > Do you have a VNC server installed?
> > >
> > | But I do have vino-server running.
> >
> > Yes.
>
> That's the problem, the same happened to me a couple of weeks ago, in my
> Desktop(a newly installed Debian Unstable).
>
> Vino seems to open the vnc port to the outside without password when
> installed by default.

I would say the problem is more that his system is configured to allow any 
servers without explicit authorisation.  That could just as easily have been 
a trojan or rootkit opening a port.  Best to setup your firewall to block all 
incoming connections by default, and explicitly allow only what your system 
is actually serving, and only to machines it needs to serve.

-- 
Lee


[prev in list] [next in list] [prev in thread] [next in thread]