[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-mirrors
Subject:    Re: check ssh portforwarding on your mirror
From:       "Peter Galbavy" <peter.galbavy () knowtion ! net>
Date:       2004-03-17 7:41:20
Message-ID: 008901c40bf3$3e02b5e0$24e0a8c0 () sonylaptop
[Download RAW message or body]

Jim Rees wrote:
> Maybe anoncvssh could be modified somehow to detect that ports are
> being forwarded, and shut them down.  This doesn't look easy.  Sshd
> sets a couple EVs that indicate where the connection is coming from,
> but nothing about forwarded ports.  The processes that do the
> forwarding are stealthy, and not attached to the user's pty.

Even better possibly would be to change sshd to offer an option to not
forward connections that came without a password ?

Peter

[prev in list] [next in list] [prev in thread] [next in thread]