"Shellshock" bash bug
Gene Heskett
gheskett at wdtv.com
Sat Sep 27 13:08:02 UTC 2014
On Saturday 27 September 2014 08:53:10 Colin Law did opine
And Gene did reply:
> On 27 September 2014 13:45, Gene Heskett <gheskett at wdtv.com> wrote:
> > On Saturday 27 September 2014 02:45:50 Colin Law did opine
> >
> > And Gene did reply:
> >> On 27 September 2014 01:33, Gene Heskett <gheskett at wdtv.com> wrote:
> >> > On Friday 26 September 2014 17:50:25 Colin Law did opine
> >> >
> >> >> ...
> >> >> It seems however that my initial assumption is correct, that if
> >> >> they cannot login as they do not have the key then they cannot
> >> >> exploit the vulnerability.
> >> >
> >> > We are being told by the finders that no login is needed.
> >>
> >> True, it seems that web server and dhcp can also be attacked,
> >> however since only port 22 is open and dhcp is from my router then
> >> it seems I am safe, provided the router is clean.
> >>
> >> Cheers
> >>
> >> Colin
> >
> > A second point in the good routers is that you can and should,
> > disable access to port 22 from the outside world, making that only
> > accessible from your local 192.168.nnn/24. But that has little to
> > do with its dhcp which could still be hackable.
>
> If I disable access to port 22 from the outside world, how do you
> suggest I get access to the machine from the outside world?
>
> Colin
The "outside world" is by definition, any address NOT in the 192.168.xx.
range. Those addresses are not transmitted across the router from inside
to outside. Or vice-versa. I only have one port open to the outside, and
you can easily guess which one that is. If you can see my web page, its
working. :)
Cheers, Gene Heskett
--
"There are four boxes to be used in defense of liberty:
soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>
US V Castleman, SCOTUS, Mar 2014 is grounds for Impeaching SCOTUS
More information about the ubuntu-users
mailing list