No subject


Thu Jan 15 22:29:28 CST 2009


install anything you want.

-- 
Thanks,
Steve Totaro
+18887771888 (Toll Free)
+12409381212 (Cell)
+12024369784 (Skype)

--00163630f62ba466090462c1f0b5
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<br><br><div class=3D"gmail_quote">On Thu, Feb 12, 2009 at 6:22 PM, Trixter=
 aka Bret McDanel <span dir=3D"ltr">&lt;<a href=3D"mailto:trixter at 0xdecafba=
d.com">trixter at 0xdecafbad.com</a>&gt;</span> wrote:<br><blockquote class=3D=
"gmail_quote" style=3D"border-left: 1px solid rgb(204, 204, 204); margin: 0=
pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class=3D"Ih2E3d">On Thu, 2009-02-12 at 17:08 -0500, Jared Geiger wrote=
:<br>
&gt; I saw multiple attacks from <a href=3D"http://OVH.NET" target=3D"_blan=
k">OVH.NET</a> IP addresses over the last few<br>
&gt; weeks as well. I have used a few of the tips in this article to secure=
<br>
&gt; PBXs before as well <a href=3D"http://nerdvittles.com/?p=3D580" target=
=3D"_blank">http://nerdvittles.com/?p=3D580</a><br>
&gt; (fail2ban/IPTables).<br>
&gt;<br>
&gt; For switchvox the root account seems to have a key, not a password to<=
br>
&gt; login. You can always boot in single user mode, create a new user and<=
br>
&gt; add that user to the sudoers file then disable root from being able to=
<br>
&gt; login via ssh.conf.<br>
&gt;<br>
</div>First let me say I have never used switchvox, but if its linux based<=
br>
then the following should apply.<br>
<br>
can you not just get a shell? &nbsp;If you can you shouldnt have to boot in=
to<br>
single user mode unless they are doing chattr stuff to only allow<br>
editing of the password file on a secure runlevel, and this is rare that<br=
>
its done.<br>
<br>
/etc/passwd, /etc/shadow, /etc/group, /etc/sudoers are all just text<br>
files and its easy to append a line for new users to those files, just<br>
as its easy to use the useradd/adduser programs to add users. &nbsp;sshd.co=
nf<br>
is also a text file which requires sshd to restart to take effect but<br>
this usually does not drop connections already in process. &nbsp;This can b=
e<br>
as simple as /etc/init.d/sshd restart &nbsp;or something similar.<br>
<div class=3D"Ih2E3d"><br>
<br>
&gt; You should be able to then setup IPTables on Switchvox as well after<b=
r>
&gt; going in and creating the second account.<br>
&gt;<br>
<br>
</div>the problem is that you would need it to know to use sudo if it doesn=
t,<br>
I do not know if its smart enough to say &quot;you arent root so let me sud=
o<br>
this command&quot;.<br>
<font color=3D"#888888"><br>
<br>
--<br>
Trixter <a href=3D"http://www.0xdecafbad.com" target=3D"_blank">http://www.=
0xdecafbad.com</a> &nbsp; &nbsp; Bret McDanel<br>
pgp key: <a href=3D"http://pgp.mit.edu:11371/pks/lookup?op=3Dget&amp;search=
=3D0x8AE5C721" target=3D"_blank">http://pgp.mit.edu:11371/pks/lookup?op=3Dg=
et&amp;search=3D0x8AE5C721</a><br>
<br>
</font><br></blockquote></div><br clear=3D"all">From experience, you cannot=
 get shell, but you can single user it and install anything you want.&nbsp;=
 <br><br>-- <br>Thanks,<br>Steve Totaro <br>+18887771888 (Toll Free)<br>+12=
409381212 (Cell)<br>
+12024369784 (Skype)<br>

--00163630f62ba466090462c1f0b5--



More information about the asterisk-biz mailing list