[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
20051111: adde.ucar.edu IP address changed; action needed (cont.)
- Subject: 20051111: adde.ucar.edu IP address changed; action needed (cont.)
- Date: Fri, 11 Nov 2005 15:02:55 -0700
>From: "Corcoran, William T" <address@hidden>
>Organization: Missouri State
>Keywords: 200508291349.j7TDnujo003962 McIDAS ADDE
Hi Bill,
re: I can't SSH (Secure Shell) to your machine
>Don't know ssh. Don't have any firewalls of which I am aware.
I would be suprised if there wasn't a firewall somewhere along the
line. As far as SSH, if you don't have SSH access to your machine, how
do you login from outside of the campus domain? Telent? If yes on
telnet, all I can say is OUCH since telnet is a giant security hole!
It is very likely that your campus IT group has implemented a firewall
that limits access to your subnet. I say this because I am unable to:
- telnet in
- SSH in
- ping your machine
>Can't find anything on ssh on my machine. No service listed at 22 (21
>and 23 yes, even I know telnet).
OK.
>Inted.conf has nothing to start listed
>for ssh. This is an old AIX 4.3 machine.
OK. My system administrator is not here today, so I don't know if
SSH (sshd) was available with AIX 4.3. I know that it was available
_for_ AIX 4.3 because our old (and tired) AIX 4.3 machine is running
it.
>Is that how you used to access our machines?
We limit logons to SSH, and we use one time passwords that are
generated using a CryptoCard. We also have pretty much all other
services locked down/out. Hackers are continually trying to break in
to machines anymore, so it is unacceptable to not have one's machine
firewalled. This is why I think that your campus IT group must be
doing this for the campus network.
>Sorry for being a Neanderthal.
:-) No worries.
Cheers,
Tom
--
NOTE: All email exchanges with Unidata User Support are recorded in the
Unidata inquiry tracking system and then made publicly available
through the web. If you do not want to have your interactions made
available in this way, you must let us know in each email you send to us.
>From address@hidden Fri Nov 11 16:03:21 2005
Well, this will get more embarrassing by the moment but let's press on.
The only thing of substance is:
At the time you were probably trying to get on our machine, I had
networking screwed up. I couldn't ping or traceroute your machines
either. We have since rebooted and all is back to where we were
before...no mcidas, but at least back with ping and traceroute giving
correct results.
As far as the rest of it goes, yeah, we're real open. From our
Networking Services page:
We have blocked the following ports for security and virus vulnerability
reasons:
135 - 139
MS File and Print Sharing
445
MS File and Print Sharing
593
MS File and Print Sharing
1311
Dell vulnerability
1433 -1434
SQL
3389
MS Remote Desktop Protocol
4444
MS File Sharing Vulnerability
Any problems, I am sure, are with cumulus, not with firewalls beyond.
Oddly enough, in searching for ssh or sshd, I found a hack with eggdrop,
and all the files, under /usr/lib/boot/ with eggdrop IRC bots crap had
ssh in it...so I guess they were using that too.
Anyway, I guess I'll just keep throwing darts at my networking. Let ya
know when I find something.
Bill