Mailinglist Archive: opensuse-security (138 mails)

< Previous Next >
RE: [suse-security] Openssh + security
Thanks for the reference. I'd forgotten about that small bit of panic.
It's nice to live in a liberal democracy.

I think that's an overstatement of the summary presented in the article
referenced. "Possibly illegal" is the strongest you can get from it.

Having said that, I'm fairly safe unless the CIA has taken to using
extraordinary rendition for misdemeanours (fewer than 10 exposed gateways /
firewalls) or to arresting relatives!

It's not clear that LaBrea is any more active than portsentry. As I
understand it, all it does is to not complete the connection set-up
exchange, but keep sending "wait-a-bit" responses as it has no resources to
respond properly. Sounds fair enough to me. I don't allocate resources to
opening non-invited connections. It's no more offensive than trying to see
how long you can keep politicians talking on the doorstep, keeping phone
salesmen talking, or posting unrequested free offers back to the sender
without postage attached. I do all of those as well.


_____

From: Jaime Santos [mailto:jesantos@xxxxxxxxxxxxxxxxxxxx]
Sent: Monday, December 12, 2005 6:24 PM
To: Admin; suse-security@xxxxxxxx
Subject: Re: [suse-security] Openssh + security


Hi,

Hmm, not just irresponsible, but also illegal in the US, so watch out if you
are travelling there ;-).
I heard the conditions in US prisons are not particularly pleasant :-) ...

Check this (somewhat outdated) article on the LaBrea tool:

http://seclists.org/lists/isn/2003/Apr/0103.html

I would tend to say that any passive countermeasures (such as a porsentry
like tool) are okay, any active
countermeasures are a bad idea, or at least you are in swampy territory
here...

Best, Jaime.


< Previous Next >
References