Matthew Miller wrote:
On Wed, Apr 27, 2005 at 10:56:38AM -0500, Aleksandar Milivojevic wrote:
there are numerous brute force ssh attacks in the web. I was quite curious, and for fun, I created the typical user accounts and set easy to guess passwords....
Generally, very bad idea. Unless you know exactly what you are doing, which you obviously don't.
What's the harm? I mean, assuming you're planning on doing a limited, controlled experiment?
Was it controlled? Was it really limited? Judging from original post, I wouldn't be suprised if his entire local network got infected.
Why? I would be very surprised if it was. It requires infected files to be manually transferred from system to system.
Unless Daniel actually transferred an infected file to another system, or he has filesystems cross-mounted with write permission I don't see how they would be infected. Doing either on a system you are testing to see how long it takes to be compromised would be just as daft as running binaries installed by a cracker when root...
... Ok, maybe his network is infected.
-- Nigel Wade, System Administrator, Space Plasma Physics Group, University of Leicester, Leicester, LE1 7RH, UK E-mail : nmw@xxxxxxxxxxxx Phone : +44 (0)116 2523548, Fax : +44 (0)116 2523555
