
Re: [cobalt-security] It's nice



On Fri, 29 Jun 2001, Zeffie wrote:

> > > yuck....  /etc/rc.d/init.d/sshd2 restart
> > > This can suck when you're logged in via ssh so have fun... I like to start a
> > > second instance and kill the old one after I have "re-logged in" using the
> > > new port... then I usually "kill" the original process...
> >
> > you can BG the program... /etc/rc.d/init.d/sshd2 restart &
> > (note the & in the end)
> > that way the parent process will die, but the init script will run fine
> > till the end...
> >
> 
> Yeppers.... been there done that ... however.... some versions will still
> disconnect you and I'm trying to preserve the current session(s).  What I
> have noticed is that between ssh.com and openssh in some versions, is that
> one of them somewhere did a very graceful restart without killing the
> session and the rest usually killed it...  So to be safe, I just don't do it
> anymore....  I guess I could look at the init scripts a bit more, but I
> would rather not depend on them. so... I just ps -auxfw (I can't stop the -)
> before and after ...and determine the process in question....  and then I
> just kill the one I don't like....
> 
> This is a very good routine to practice so if you get hac*ed and they login,
> you are better prepared to watch them and attack them and "defend your
> land"...  I find http://www.vandyke.com/ SecureCRT is a good program to
> fight from...  that and "killall telnet" can be a big advantage.... among
> other things....
> 
> Zeffie
> http://www.zeffie.com/

Of course it'd die! That's the purpose of using the restart command...

But in my way you can restart it, and immediately connect with the new one
(after all, you can't run two of them together on the same port) - because
when you bg the process, when the parent process (old sshd) dies, the
script doesn't die with it, but continues and loads the new copy of sshd,
which was my point...

With regards to the ps -auxfw.... I have some weird Solaris box that won't
accept -a at all (Solaris 5.8) - I'm still trying to figure out why, this
is being very annoying :-)

- shimi.
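
The before/after process comparison discussed in this thread, as an added example that is not part of the original messages: it compares two process snapshots to find the newly started sshd listener and confirms a login exists under it before the old listener is stopped. The snapshots are constructed sample data in `ps -eo pid,ppid,args` layout (POSIX `-o` syntax), and port 2222, the PIDs and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Constructed snapshots (sample data, not from the thread), `ps -eo pid,ppid,args` layout.
BEFORE='  PID  PPID COMMAND
    1     0 init
  412     1 /usr/sbin/sshd
 1830   412 sshd: admin@pts/0
 1831  1830 -bash'
AFTER='  PID  PPID COMMAND
    1     0 init
  412     1 /usr/sbin/sshd
 1830   412 sshd: admin@pts/0
 1831  1830 -bash
 2290     1 /usr/sbin/sshd -p 2222
 2301  2290 sshd: admin@pts/1
 2302  2301 -bash'

# PIDs of sshd/sshd2 listener daemons in a snapshot. Per-session children,
# which show up here with a retitled "sshd: user@tty" command, are skipped.
listeners() {
    printf '%s\n' "$1" | awk 'NR > 1 { n = split($3, p, "/")
        if (p[n] == "sshd" || p[n] == "sshd2") print $1 }'
}

# Listener PIDs present in the second snapshot but not in the first.
new_listeners() {
    old=$(listeners "$1")
    for pid in $(listeners "$2"); do
        case " $(echo $old) " in *" $pid "*) ;; *) echo "$pid" ;; esac
    done
}

# Succeeds only if some process is a child of a new listener, i.e. someone
# has already logged in through the second instance.
relogged_in() {
    for l in $(new_listeners "$1" "$2"); do
        printf '%s\n' "$2" |
            awk -v l="$l" 'NR > 1 && $2 == l { f = 1 } END { exit !f }' && return 0
    done
    return 1
}

if relogged_in "$BEFORE" "$AFTER"; then
    echo "new listener: $(new_listeners "$BEFORE" "$AFTER"); old listener to stop: $(listeners "$BEFORE")"
else
    echo "no session under a new listener yet; leave the old sshd running"
fi
```

On a live host the two variables would be filled with `ps -eo pid,ppid,args` output captured before and after starting the second instance.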