"Shellshock" bash bug

Gene Heskett gheskett at wdtv.com
Sat Sep 27 16:51:44 UTC 2014


On Saturday 27 September 2014 11:29:21 Colin Law did opine
And Gene did reply:
> On 27 September 2014 14:08, Gene Heskett <gheskett at wdtv.com> wrote:
> > On Saturday 27 September 2014 08:53:10 Colin Law did opine
> > 
> > And Gene did reply:
> >> On 27 September 2014 13:45, Gene Heskett <gheskett at wdtv.com> wrote:
> >> > On Saturday 27 September 2014 02:45:50 Colin Law did opine
> >> > 
> >> > And Gene did reply:
> >> >> On 27 September 2014 01:33, Gene Heskett <gheskett at wdtv.com> wrote:
> >> >> > On Friday 26 September 2014 17:50:25 Colin Law did opine
> >> >> > 
> >> >> >> ...
> >> >> >> It seems however that my initial assumption is correct, that
> >> >> >> if they cannot login as they do not have the key then they
> >> >> >> cannot exploit the vulnerability.
> >> >> > 
> >> >> > We are being told by the finders that no login is needed.
> >> >> 
> >> >> True, it seems that web server and dhcp can also be attacked,
> >> >> however since only port 22 is open and dhcp is from my router
> >> >> then it seems I am safe, provided the router is clean.
> >> >> 
> >> >> Cheers
> >> >> 
> >> >> Colin
> >> > 
> >> > A second point in the good routers is that you can and should,
> >> > disable access to port 22 from the outside world, making that only
> >> > accessible from your local 192.168.nnn/24.  But that has little to
> >> > do with its dhcp which could still be hackable.
> >> 
> >> If I disable access to port 22 from the outside world, how do you
> >> suggest I get access to the machine from the outside world?
> >> 
> >> Colin
> > 
> > The "outside world" is by definition, any address NOT in the
> > 192.168.xx. range.  Those addresses are not transmitted across the
> > router from inside to outside.  Or vice-versa.  I only have one port
> > open to the outside, and you can easily guess which one that is.  If
> > you can see my web page, it's working. :)
> 
> Not sure that answers the question about how I get access to my
> machine from the outside world without opening port 22 (or using VPN).
> I need to control it, it is a weather station, not a web server.  Also
> I suspect there have been many more vulnerabilities found that can
> attack via an http connection than via ssh, though I have no direct
> evidence to support that.
> 
> Cheers
> 
> Colin

Does it have a "local" ip, or does it get its address from a maker's 
server?  The latter would take it out of my potential purchases column, 
but if it's local, where can I get one?

If it has a local ip, then leave it open, although if it's wireless, the 
neighbors, if hacker enough, could access it.  Good passwords protecting 
the admin stuff, 20+ characters would secure it well enough in 99.9999999% 
of the cases.

Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>
US V Castleman, SCOTUS, Mar 2014 is grounds for Impeaching SCOTUS



