[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] ssh question

Subject: Re: [cobalt-security] ssh question
From: John Anderson <johna@xxxxxxxxxx>
Date: Thu, 11 Jan 2001 14:38:04 -0500
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

I changed it to listen on port 222222 and now I'm getting this:
Bad port 222222.

Then I tried some different odd port numbers (49999 and 58888) and got
errors
like this one:
Jan 11 14:35:27 qube -i[15498]: error: bind: Address already in use
Jan 11 14:35:27 qube -i[15498]: fatal: Bind to port 58888 failed: Socket
is not
connected.

I'm just starting and stopping inetd, do I need to do anything else?

Thanks.


--John




Kevin D wrote:

> I don't have any docs in front of me, so I'm not 100% sure, but isn't
port
> 22222 in that range of ports that servers use for dynamic port
assignments?
> Thus, that port may already be in use by some other program. Try using
a
> port above 32000 or below 1024 or something like that.
>
> Kevin
>
> ----- Original Message -----
> From: "John Anderson" <johna@xxxxxxxxxx>
> To: <cobalt-security@xxxxxxxxxxxxxxx>
> Sent: Thursday, January 11, 2001 10:44 AM
> Subject: [cobalt-security] ssh question
>
> > Hi,
> >
> > A while ago it was recommended by some members of this list a good
way
> > to have a "backdoor" into the Qube is to have a standalone sshd and
> > start one in inetd running on an odd port (for example 22222).
> >
> > I tried to do that, I added this line to /etc/services:
> > sshback         22222/tcp        sshdback        # SSH Back Door
> >
> > This line to /etc/inetd.conf:
> > sshback stream tcp     nowait  root    /usr/local/sbin/sshd -i -f
> > /etc/sshd/sshd_config_inetd
> >
> > And the only notable change to /etc/sshd/sshd_config_inetd was to
change
> >
> > the listen port to 22222
> >
> > Now the problem / question:  I restarted inetd and everything was
fine,
> > I made a change to the configuration file and restarted inetd --
that
> > was the last time I could get in on that port.  Here is the error:
> >
> > Jan 10 16:10:22 qube -i[7362]: error: bind: Address already in use
> > Jan 10 16:10:22 qube -i[7362]: fatal: Bind to port 22222 failed:
Socket
> > is not connected.
> >
> > Any help would be appreciated.
> >
> > Thanks.
> >
> >
> > --John
> >
> >
> >
> >
> > --
> > John Anderson
> > janderson@xxxxxxxxx
> > Ceeva, Inc.
> >
> >
> >
> > _______________________________________________
> > cobalt-security mailing list
> > cobalt-security@xxxxxxxxxxxxxxx
> > http://list.cobalt.com/mailman/listinfo/cobalt-security
> >
>
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security



--
John Anderson
janderson@xxxxxxxxx
Ceeva, Inc.

Prev by Date: Re: [cobalt-security] ssh question
Next by Date: [cobalt-security] local root exploit with glibc2.2 update from cobalt
Previous by thread: Re: [cobalt-security] ssh question
Next by thread: [cobalt-security] local root exploit with glibc2.2 update from cobalt

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index