
List:       debian-security
Subject:    xz backdoor prevention and hosts.deny?
From:       Nick Sal <specialroumpa () proton ! me>
Date:       2024-03-31 21:28:46
Message-ID: kOGZUcP2qWCN6nORejvCvGVpXeyx5FSXZoubVYzHqrvWqJ5jgnYo-_MZnM4jORkyku46hZHEme1MxEWkk78wUxFMrKTMXKZ9ZkZjfR1wRx0= () proton ! me

Hi,

With respect to Debian testing, assume we filter SSH access only to a subnet using
the files hosts.{deny,allow} (see below). Would this prevent the attack if a malicious
payload was not sent from the allowed subnet? Asking to know if an attack was
possible like this, for the few days in March the backdoor was undetected on Debian
testing.

/etc/hosts.deny: sshd: ALL
/etc/hosts.allow: sshd: "a_subnet"

Moreover, would it have helped if additionally allowing only public-key
authentication for SSH?

Regards,
Nick




