[Full-Disclosure] SNMP Broadcasts
measl at mfn.org
Fri Jul 16 21:06:53 BST 2004
On Fri, 16 Jul 2004, Barry Fitzgerald wrote:
> J.A. Terranson wrote:
> >>Oh, I get it. So if root executes "sshd -p 45522" --this is not
> >>*technically* ssh, right?
> >If sshd is running on 45522 it's a back door Marty :-) And no, in this
> >case, pedantic or not, it's not "ssh" as is commonly accepted.
> I disagree. It may not be completely standard compliant (in so far as
> the standard assigns a common usage port), but it sure as hell is the
> SSH protocol.
Agreed. It is the SSH protocol, but it is not the SSH *service*. It
violates the standard (as you note).
If I write a trojan that uses HTTP to process requests, then park it on
31337, I do not have an HTTP serv(er|ice). I have a trojan which happens
to use the HTTP protocol.
> When you say "that's running on this port, but it's not SSH" you're not
> sending the message to people that it's not SSH because it has to be
> compliant, you're sending the message to people that it's *not the SSH
> protocol at all*...
No, not at all. There's a big difference between a *standardized service*
and its underlying protocols. In order to be SSH, it must comply with
all of the standards for SSH. Otherwise, you get a M$ Windows product.
> I think the fact that you're being pedantic with this issue confuses the
I understood that risk during the first post, and deliberately made note
> and is, pretty much, worthless. No one, frankly, gives a sh*t if
> you consider it to not be SSH because it's not on the port that makes
> you happy
As a non member of the appropriate standards bodies, what I would like is
irrelevant. If you assess a site, and report that they have ssh running
on port 31337, you are not providing factual data - you are providing an
uninformed opinion, which is *wrong*.
> Saying what you said above is counterproductive and will only serve to
> confuse people. Perhaps you should ratchet up your pedantic nature and
> instead of saying that it's "not SSH because it's on the wrong port" say
> "it's non-compliant SSH because it's on the wrong port".
Except for you, I think everyone else *got* the point.
> Otherwise it's a case of the pot calling the kettle black.
> p.s. This is the end of that issue as far as I'm concerned. If you
> continue to claim that it's "not the SSH protocol", you're just being
Then I'm being difficult. But in the end, this is my attempt to realign
your thinking on it. That you are immobile is not something I can help.
sysadmin at mfn.org
"...justice is a duty towards those whom you love and those whom you do
not. And people's rights will not be harmed if the opponent speaks out
about them." Osama Bin Laden
- - -
"There aught to be limits to freedom!" George Bush
- - -
Which one scares you more?
Full-Disclosure is hosted and sponsored by Secunia.
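
Added example, not part of the original post: a small Python sketch of how an assessment finding can record protocol evidence (what the listener actually sent) separately from port assignment, using the two cases raised in the thread (sshd on 45522, an HTTP speaker on 31337). The function names, the ASSIGNED_PORT table and the sample banners are assumptions constructed for illustration.

```python
import re

# Assigned well-known ports for the two protocols the thread mentions.
ASSIGNED_PORT = {"SSH": 22, "HTTP": 80}

# RFC 4253 section 4.2 identification string:
#   SSH-protoversion-softwareversion [SP comments]
SSH_ID = re.compile(r"^SSH-(?P<proto>[^-\s]+)-(?P<software>[^\s]+)(?: (?P<comments>.*))?$")
# HTTP/1.x status line: HTTP-version SP status-code [SP reason-phrase]
HTTP_STATUS = re.compile(r"^HTTP/(?P<proto>\d\.\d) (?P<code>\d{3})(?: .*)?$")


def identify_protocol(first_bytes: bytes):
    """Return (protocol, detail) from the first line a listener sent, else (None, None)."""
    line = first_bytes.split(b"\n", 1)[0].rstrip(b"\r").decode("ascii", "replace")
    m = SSH_ID.match(line)
    if m:
        return "SSH", f"protocol {m['proto']}, software {m['software']}"
    m = HTTP_STATUS.match(line)
    if m:
        return "HTTP", f"version {m['proto']}, status {m['code']}"
    return None, None


def describe(port: int, first_bytes: bytes) -> str:
    """Word a finding so protocol evidence and port assignment stay separate facts."""
    proto, detail = identify_protocol(first_bytes)
    if proto is None:
        return f"port {port}: unidentified listener"
    assigned = ASSIGNED_PORT[proto]
    if port == assigned:
        return f"port {port}: {proto} protocol on its assigned port ({detail})"
    return f"port {port}: {proto} protocol on non-assigned port, assigned is {assigned} ({detail})"


# Constructed sample observations (port, first bytes of the response); not real scan data.
SAMPLES = [
    (22, b"SSH-2.0-OpenSSH_3.8.1p1\r\n"),
    (45522, b"SSH-2.0-OpenSSH_3.8.1p1\r\n"),
    (31337, b"HTTP/1.0 200 OK\r\nServer: example\r\n\r\n"),
    (31337, b"\x00\x01binary"),
]

if __name__ == "__main__":
    for port, data in SAMPLES:
        print(describe(port, data))
```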