maemo.org - Talk


sr00t 2011-06-15 13:36

Maemo 5 as a vulnerability / "hacking" victim
 
Hi all.
First I want to tell you that I'll attend this Security Conference and I'll go with my N900.
Let's suppose it has a very difficult root password (uncrackable under normal conditions) and the only service available as an open port would be SSH. Bluetooth will be shut down and 3G too.

Would connecting to WiFi in that conference be dangerous? How do you think the attacker could penetrate N900 (without having physical access to it, of course).
Should I let SSH port be open? If I close it, would another service still running be used as an exploitable gate to gain shell access?

As setup, I have latest CSSU with latest Kernel-Power, and latest Busybox (Busybox-Power).

TL;DR: I wanna know if N900 is vulnerable to attacks as a target, and share experiences about vulnerabilities found in Maemo 5 and how to prevent them.

Hoping I didn't make silly questions that may irritate you (I'm not an expert, for sure, but I'm not a lammo either), I wait for your answers. Thanks a lot, guys.


Ok, let's compile and summarize some nice advice I've got so far:
Quote:

Originally Posted by Captwheeto (Post 1029647)
Turn off SSH if you're not going to use it. Also traffic is being sniffed more than a school girl in Japan. Don't log on to anything, general browsing should be fine as long as nobody does a redirect and exploits you from there.

Quote:

Originally Posted by petur (Post 1029661)
Disable IM status and any mail/calendar/contacts syncing :). Or make sure they use SSL/....

Quote:

Originally Posted by stlpaul (Post 1029677)
As root. Turn off sshd:
Code:

stop sshd
As root. Turn on sshd:
Code:

start sshd

Quote:

Originally Posted by stlpaul (Post 1029682)
Use iptables/ip6tables to drop all incoming and outgoing connections over your wifi adapter, only allowing traffic out to your VPN/SSH tunnel server. And use that tunnel for everything.
Otherwise, don't use open wifi, use your 3G internet instead.

Quote:

Originally Posted by momcilo (Post 1029702)
There are known exploits for older versions of OpenSSH which don't require username/password knowledge.
Basically, since the software running inside N900 is relatively old and therefore very well known to the attackers, you may have additional holes.
Don't accept any new certificates within browser, chat application or mail client.

Quote:

Originally Posted by jedi (Post 1029803)
Using passwords sucks big time. To prevent against a scripted password-guessing bot, just disable password login on your N900 and only use keys.
Edit (as root) /etc/ssh/sshd_config:
Code:

PasswordAuthentication no
UsePAM no

To use key based authentication: http://www.google.com/search?q=ssh+login+no+password
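
The iptables/ip6tables lockdown stlpaul describes in the summary above, as an added example that is not part of any post in this thread. It only prints the rules for review; `wlan0`, the address `203.0.113.10` and port 22 are placeholder assumptions for the Wi-Fi interface and the tunnel server.

```shell
#!/bin/sh
# Added example: PRINT (not apply) iptables rules that confine one Wi-Fi
# interface to a single tunnel endpoint. Review the output, then run it as root.
# Assumptions: wlan0 and 203.0.113.10 below are placeholders; the tunnel
# server is given as an IPv4 address because DNS is blocked as well.

wifi_lockdown_rules() {   # usage: wifi_lockdown_rules IFACE SERVER_IP [PORT] [PROTO]
    iface=$1; server=$2; port=${3:-22}; proto=${4:-tcp}
    # Reject anything that could smuggle shell syntax into the printed rules.
    case $iface  in ''|-*|*[!A-Za-z0-9_.-]*) echo "bad interface" >&2; return 1;; esac
    case $server in ''|*[!0-9.]*)            echo "bad server IP" >&2; return 1;; esac
    case $port   in ''|*[!0-9]*)             echo "bad port" >&2; return 1;; esac
    case $proto  in tcp|udp) ;; *)           echo "bad protocol" >&2; return 1;; esac
    # DHCP first (so the interface can get a lease), then the tunnel, then drop.
    cat <<EOF
iptables -A OUTPUT -o $iface -p udp --sport 68 --dport 67 -j ACCEPT
iptables -A INPUT -i $iface -p udp --sport 67 --dport 68 -j ACCEPT
iptables -A OUTPUT -o $iface -p $proto -d $server --dport $port -j ACCEPT
iptables -A INPUT -i $iface -p $proto -s $server --sport $port -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o $iface -j DROP
iptables -A INPUT -i $iface -j DROP
ip6tables -A OUTPUT -o $iface -j DROP
ip6tables -A INPUT -i $iface -j DROP
EOF
}

# Dry run with the placeholder values.
wifi_lockdown_rules wlan0 203.0.113.10 22
```

The rules are appended, so any ACCEPT rule already present earlier in INPUT or OUTPUT still wins; check the final order with `iptables -L -n -v` after loading.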


m4r0v3r 2011-06-15 13:42

Re: Maemo 5 as a vulnerability / "hacking" victim
 
well I know SSH requires a password so...

Captwheeto 2011-06-15 13:51

Re: Maemo 5 as a vulnerability / "hacking" victim
 
Turn off SSH if you're not going to use it. Also traffic is being sniffed more than a school girl in Japan. Don't log on to anything, general browsing should be fine as long as nobody does a redirect and exploits you from there.

F2thaK 2011-06-15 13:59

Re: Maemo 5 as a vulnerability / "hacking" victim
 
how do you "turn off" SSH?

sr00t 2011-06-15 14:01

Re: Maemo 5 as a vulnerability / "hacking" victim
 
Quote:

Originally Posted by Captwheeto (Post 1029647)
Turn off SSH if you're not going to use it. Also traffic is being sniffed more than a school girl in Japan. Don't log on to anything, general browsing should be fine as long as nobody does a redirect and exploits you from there.

Alright.
Then, penetration to the shell would not be possible 'in theory' if I don't screw it up on the network side (a.k.a. MITM attacks, redirects and sniffs) and if I turn off SSH.

Any more advice, ideas?

sr00t 2011-06-15 14:03

Re: Maemo 5 as a vulnerability / "hacking" victim
 
Quote:

Originally Posted by F2thaK (Post 1029652)
how do you "turn off" SSH?

You don't turn it off, that's right. But you can disable root access.

Code:

vi /etc/ssh/sshd_config
Code:

PermitRootLogin no
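
A check for the sshd_config settings quoted in this thread (`PermitRootLogin no`, `PasswordAuthentication no`, `UsePAM no`), as an added example that is not part of any post. It reports the value sshd would actually use, since the first occurrence of a keyword wins; the sample file is constructed.

```shell
#!/bin/sh
# Added example: audit an sshd_config for the settings quoted in this thread.
# sshd uses the FIRST value it reads for a keyword and keyword names are
# case-insensitive, so a later "PasswordAuthentication no" does not override
# an earlier "yes". Match blocks are not evaluated (parsing stops there).

sshd_effective() {   # usage: sshd_effective FILE KEYWORD -> prints the value
    awk -F '[ \t=]+' -v want="$2" '
        BEGIN { want = tolower(want) }
        { sub(/^[ \t]+/, "") }              # strip indentation, re-split fields
        /^#/ || $0 == "" { next }           # skip comments and blank lines
        tolower($1) == "match" { exit }     # global section ends here
        tolower($1) == want { print $2; exit }
    ' "$1"
}

audit_sshd() {       # prints findings; exit status = number of findings
    file=$1; bad=0
    for pair in PasswordAuthentication:no PermitRootLogin:no; do
        key=${pair%%:*}; want=${pair#*:}
        got=$(sshd_effective "$file" "$key")
        if [ "$got" != "$want" ]; then
            echo "WEAK: $key is '${got:-unset}', thread setting is '$want'"
            bad=$((bad + 1))
        fi
    done
    # With PAM on, challenge-response can still prompt for a password
    # even when PasswordAuthentication is "no".
    if [ "$(sshd_effective "$file" UsePAM)" = yes ] &&
       [ "$(sshd_effective "$file" ChallengeResponseAuthentication)" != no ]; then
        echo "WEAK: UsePAM yes with challenge-response enabled"
        bad=$((bad + 1))
    fi
    return "$bad"
}

# Constructed sample: looks hardened at the bottom, but earlier lines win.
sample=$(mktemp) || exit 1
cat > "$sample" <<'EOF'
# constructed sample sshd_config
Port 22
passwordauthentication yes
UsePAM yes
PermitRootLogin no
PasswordAuthentication no
EOF
audit_sshd "$sample" || echo "$? finding(s)"
rm -f "$sample"
```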

mr_pingu 2011-06-15 14:05

Re: Maemo 5 as a vulnerability / "hacking" victim
 
What about the SSH switch found in the repos? How does that thing turn SSH off?

petur 2011-06-15 14:11

Re: Maemo 5 as a vulnerability / "hacking" victim
 
Disable IM status and any mail/calendar/contacts syncing :)

Or make sure they use SSL/....

sr00t 2011-06-15 14:18

Re: Maemo 5 as a vulnerability / "hacking" victim
 
Quote:

Originally Posted by mr_pingu (Post 1029658)
What about the SSH switch found in the repos? How does that thing turn SSH off?

Black magic? I really wanna know now, but I don't have it installed and I don't have the sources either.
Something with iptables? Or changed properties in sshd_config? I don't know :/ .-

figaro 2011-06-15 14:27

Re: Maemo 5 as a vulnerability / "hacking" victim
 
/etc/init.d/ssh stop

as root

ps ax | grep sshd

to see if you have ssh running or not

