Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > linux.debian.security > #6315
| From | Nick Sal <specialroumpa@proton.me> |
|---|---|
| Newsgroups | linux.debian.security |
| Subject | xz backdoor prevention and hosts.deny? |
| Date | 2024-03-31 23:50 +0200 |
| Message-ID | <IobdT-36FC-1@gated-at.bofh.it> (permalink) |
| Organization | linux.* mail to news gateway |
[Multipart message — attachments visible in raw view] - view raw
Hi,
With respect to debian testing, assume we filter SSH access only to a subnet using the files host.{deny,allow} (see below).
Would this prevent the attack if a malicious payload was not sent from the allowed subnet?
Asking to know if an attack was possible like this, for the few days in March the backdoor was undetected on debian testing.
/etc/hosts.deny: sshd: ALL
/etc/hosts.allow: sshd: "a_subnet"
Moreover, would it have helped if additionally allowing only public-key authentication for SSH?
Regards,
Nick
Back to linux.debian.security | Previous | Next — Next in thread | Find similar
xz backdoor prevention and hosts.deny? Nick Sal <specialroumpa@proton.me> - 2024-03-31 23:50 +0200 Re: xz backdoor prevention and hosts.deny? Gian Piero Carrubba <gpiero@rm-rf.it> - 2024-04-01 11:50 +0200
csiph-web