"Shellshock" bash bug
Colin Law
clanlaw at gmail.com
Sat Sep 27 15:29:21 UTC 2014
On 27 September 2014 14:08, Gene Heskett <gheskett at wdtv.com> wrote:
> On Saturday 27 September 2014 08:53:10 Colin Law did opine
> And Gene did reply:
>> On 27 September 2014 13:45, Gene Heskett <gheskett at wdtv.com> wrote:
>> > On Saturday 27 September 2014 02:45:50 Colin Law did opine
>> >
>> > And Gene did reply:
>> >> On 27 September 2014 01:33, Gene Heskett <gheskett at wdtv.com> wrote:
>> >> > On Friday 26 September 2014 17:50:25 Colin Law did opine
>> >> >
>> >> >> ...
>> >> >> It seems however that my initial assumption is correct, that if
>> >> >> they cannot login as they do not have the key then they cannot
>> >> >> exploit the vulnerability.
>> >> >
>> >> > We are being told by the finders that no login is needed.
>> >>
>> >> True, it seems that web server and dhcp can also be attacked,
>> >> however since only port 22 is open and dhcp is from my router then
>> >> it seems I am safe, provided the router is clean.
>> >>
>> >> Cheers
>> >>
>> >> Colin
>> >
>> > A second point in the good routers is that you can and should,
>> > disable access to port 22 from the outside world, making that only
>> > accessible from your local 192.168.nnn/24. But that has little to
>> > do with its dhcp which could still be hackable.
>>
>> If I disable access to port 22 from the outside world, how do you
>> suggest I get access to the machine from the outside world?
>>
>> Colin
>
> The "outside world" is by definition, any address NOT in the 192.168.xx.
> range. Those addresses are not transmitted across the router from inside
> to outside. Or vice-versa. I only have one port open to the outside, and
> you can easily guess which one that is. If you can see my web page, it's
> working. :)

Not sure that answers the question about how I get access to my
machine from the outside world without opening port 22 (or using VPN).
I need to control it, it is a weather station, not a web server. Also
I suspect there have been many more vulnerabilities found that can
attack via an http connection than via ssh, though I have no direct
evidence to support that.

Cheers

Colin