List: debian-security
Subject: xz backdoor prevention and hosts.deny?
From: Nick Sal <specialroumpa () proton ! me>
Date: 2024-03-31 21:28:46
Message-ID: kOGZUcP2qWCN6nORejvCvGVpXeyx5FSXZoubVYzHqrvWqJ5jgnYo-_MZnM4jORkyku46hZHEme1MxEWkk78wUxFMrKTMXKZ9ZkZjfR1wRx0= () proton ! me
Hi,

With respect to Debian testing, assume we filter SSH access only to a subnet using the files hosts.{deny,allow} (see below). Would this prevent the attack if a malicious payload was not sent from the allowed subnet? Asking to know if an attack was possible like this, for the few days in March the backdoor was undetected on Debian testing.

/etc/hosts.deny: sshd: ALL
/etc/hosts.allow: sshd: "a_subnet"

Moreover, would it have helped if additionally allowing only public-key authentication for SSH?

Regards,
Nick
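
The access decision that the two files quoted in the message describe, as an added example that is not part of the original message: a Python model of the hosts_access(5) lookup order (hosts.allow first, then hosts.deny, otherwise granted), covering only the ALL wildcard and IPv4 net/mask, address-prefix and exact-address patterns. The subnet 192.0.2.0/255.255.255.0 is a constructed stand-in for "a_subnet", and all function names are hypothetical.

```python
import ipaddress

# Constructed sample files: 192.0.2.0/255.255.255.0 stands in for "a_subnet".
HOSTS_ALLOW = "sshd: 192.0.2.0/255.255.255.0\n"
HOSTS_DENY = "sshd: ALL\n"


def parse_rules(text):
    """Return [(daemons, clients)] from 'daemon_list : client_list' lines."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        fields = line.split(":")
        if not line or line.startswith("#") or len(fields) < 2:
            continue
        daemons, clients = (f.replace(",", " ").split() for f in fields[:2])
        rules.append((daemons, clients))
    return rules


def client_matches(pattern, addr):
    """Subset of hosts_access(5) client patterns, IPv4 only."""
    if pattern == "ALL":
        return True
    if pattern.endswith("."):  # address prefix such as "192.0.2."
        return str(addr).startswith(pattern)
    if "/" in pattern:  # net/mask pair
        return addr in ipaddress.ip_network(pattern, strict=False)
    return pattern == str(addr)


def listed(rules, daemon, addr):
    """True if any rule names this daemon (or ALL) and matches the client."""
    return any(
        (daemon in daemons or "ALL" in daemons)
        and any(client_matches(p, addr) for p in clients)
        for daemons, clients in rules
    )


def access_granted(allow_text, deny_text, daemon, source_ip):
    """hosts.allow match grants, else hosts.deny match denies, else granted."""
    addr = ipaddress.ip_address(source_ip)
    if listed(parse_rules(allow_text), daemon, addr):
        return True
    if listed(parse_rules(deny_text), daemon, addr):
        return False
    return True  # no rule in either file matched
```

The model covers the rule lookup only; it says nothing about what sshd has already read from a connection by the time the lookup runs. Note the final branch: with an empty or missing hosts.deny, an address outside the allowed subnet is still granted.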