Posts: 135 | Thanked: 75 times | Joined on Apr 2011 @ Buenos Aires, Argentina
#1
Hi all.
First I want to tell you that I'll be attending this Security Conference and I'll go with my N900.
Let's suppose it has a very difficult root password (uncrackable under normal conditions) and the only service available as an open port would be SSH. Bluetooth will be shut down and 3G too.

Would connecting to WiFi in that conference be dangerous? How do you think the attacker could penetrate the N900 (without having physical access to it, of course)?
Should I leave the SSH port open? If I close it, could another service still running be used as an exploitable gate to gain shell access?

As setup, I have latest CSSU with latest Kernel-Power, and latest Busybox (Busybox-Power).

TL;DR: I wanna know if N900 is vulnerable to attacks as a target, and share experiences about vulnerabilities found in Maemo 5 and how to prevent them.

Hoping I didn't make silly questions that may irritate you (I'm not an expert, for sure, but I'm not a lammo either), I wait for your answers. Thanks a lot, guys.


Ok, let's compile and summarize some nice advice I've got so far:
Originally Posted by Captwheeto View Post
Turn off SSH if you're not going to use it. Also traffic is being sniffed more than a school girl in Japan. Don't log on to anything, general browsing should be fine as long as nobody does a redirect and exploits you from there.
Originally Posted by petur View Post
Disable IM status and any mail/calendar/contacts syncing. Or make sure they use SSL/....
Originally Posted by stlpaul View Post
As root. Turn off sshd:
Code:
stop sshd
As root. Turn on sshd:
Code:
start sshd
Originally Posted by stlpaul View Post
Use iptables/ip6tables to drop all incoming and outgoing connections over your wifi adapter, only allowing traffic out to your VPN/SSH tunnel server. And use that tunnel for everything.
Otherwise, don't use open wifi, use your 3G internet instead.
Originally Posted by momcilo View Post
There are known exploits for older versions of OpenSSH which don't require username/password knowledge.
Basically, since the software running inside N900 is relatively old and therefore very well known to the attackers, you may have additional holes.
Don't accept any new certificates within browser, chat application or mail client.
Originally Posted by jedi View Post
Using passwords sucks big time. To prevent against a scripted password-guessing bot, just disable password login on your N900 and only use keys.
edit (as root) /etc/ssh/sshd_config:
Code:
PasswordAuthentication no
UsePAM no
To use key based authentication: http://www.google.com/search?q=ssh+login+no+password

Last edited by sr00t; 2011-06-15 at 18:38.
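
The tunnel-only firewall suggested in the summary above, as an added example that is not part of the original posts: a function that emits an IPv4 ruleset in iptables-restore format confining one interface to a single tunnel server. The interface name wlan0, the address 203.0.113.10 and port 22 are placeholders, and the ruleset assumes the kernel provides the iptables state match.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset that confines one interface
# to a single tunnel endpoint. All argument values are placeholders.

gen_tunnel_only_rules() {
    wifi_if=$1      # Wi-Fi interface, e.g. wlan0 (assumed name)
    tunnel_ip=$2    # VPN/SSH tunnel server, given by IP so no DNS is needed
    tunnel_port=$3  # TCP port the tunnel server listens on
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# DHCP, so the interface can still obtain and renew a lease
-A OUTPUT -o $wifi_if -p udp --sport 68 --dport 67 -j ACCEPT
-A INPUT -i $wifi_if -p udp --sport 67 --dport 68 -j ACCEPT
# Outbound to the tunnel server only, plus replies on that connection
-A OUTPUT -o $wifi_if -p tcp -d $tunnel_ip --dport $tunnel_port -j ACCEPT
-A INPUT -i $wifi_if -p tcp -s $tunnel_ip --sport $tunnel_port -m state --state ESTABLISHED -j ACCEPT
# Everything else on the Wi-Fi interface is dropped in both directions
-A INPUT -i $wifi_if -j DROP
-A OUTPUT -o $wifi_if -j DROP
COMMIT
EOF
}

# Print the ruleset when called as: script <interface> <tunnel-ip> <tunnel-port>
if [ "$#" -eq 3 ]; then
    gen_tunnel_only_rules "$1" "$2" "$3"
fi
```

Piping the output into iptables-restore as root replaces the existing filter table, so review it first. Loopback and the tunnel's own interface are left alone because every rule is bound to the Wi-Fi interface.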
 
Posts: 1,746 | Thanked: 1,832 times | Joined on Dec 2010
#2
well I know SSH requires a password so...
 
Captwheeto's Avatar
Posts: 302 | Thanked: 193 times | Joined on Oct 2008 @ England
#3
Turn off SSH if you're not going to use it. Also traffic is being sniffed more than a school girl in Japan. Don't log on to anything, general browsing should be fine as long as nobody does a redirect and exploits you from there.
 

The Following 7 Users Say Thank You to Captwheeto For This Useful Post:
F2thaK's Avatar
Posts: 4,365 | Thanked: 2,467 times | Joined on Jan 2010 @ Australia Mate
#4
how do you "turn off" SSH?
 
Posts: 135 | Thanked: 75 times | Joined on Apr 2011 @ Buenos Aires, Argentina
#5
Originally Posted by Captwheeto View Post
Turn off SSH if you're not going to use it. Also traffic is being sniffed more than a school girl in Japan. Don't log on to anything, general browsing should be fine as long as nobody does a redirect and exploits you from there.
Alright.
Then, penetration to the shell would not be possible 'in theory' if I don't screw it up on the network side (a.k.a. MITM attacks, redirects and sniffs) and if I turn off SSH.

Any more advice, ideas?
 
Posts: 135 | Thanked: 75 times | Joined on Apr 2011 @ Buenos Aires, Argentina
#6
Originally Posted by F2thaK View Post
how do you "turn off" SSH?
You don't turn it off, that's right. But you can disable root access.

Code:
vi /etc/ssh/sshd_config
Code:
PermitRootLogin no
 

The Following 8 Users Say Thank You to sr00t For This Useful Post:
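
A way to check that the sshd_config settings mentioned in this thread (PasswordAuthentication, UsePAM, PermitRootLogin) are actually in effect, as an added example that is not part of the original posts. sshd uses the first value it finds for a keyword, so a later "no" does not override an earlier "yes"; the function names are hypothetical and the fallback defaults are assumptions for an older OpenSSH build.

```shell
#!/bin/sh
# Added example: report the effective value of the sshd_config keywords
# discussed in this thread. Function names are hypothetical.

# usage: effective_value <config-file> <Keyword> <default-if-unset>
effective_value() {
    awk -v want="$2" -v dflt="$3" '
        /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
        tolower($1) == "match" { exit }    # global section ends at first Match
        tolower($1) == tolower(want) { print tolower($2); found = 1; exit }
        END { if (!found) print dflt }     # keyword never set: use the default
    ' "$1"
}

# Prints one line per weak setting; returns 1 if any was found, else 0.
audit_sshd_config() {
    cfg=$1
    rc=0
    # keyword:default pairs; the defaults are assumed for an older OpenSSH
    for pair in PasswordAuthentication:yes PermitRootLogin:yes UsePAM:no; do
        kw=${pair%%:*}
        dflt=${pair#*:}
        val=$(effective_value "$cfg" "$kw" "$dflt")
        if [ "$val" != "no" ]; then
            echo "WEAK: $kw is effectively '$val' (thread advice: no)"
            rc=1
        fi
    done
    return $rc
}

# Audit a file when called as: script /etc/ssh/sshd_config
if [ "$#" -eq 1 ]; then
    audit_sshd_config "$1"
fi
```

The parser handles the plain "Keyword value" form only; "Keyword=value" lines and settings inside Match blocks are not evaluated.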
Posts: 1,163 | Thanked: 1,873 times | Joined on Feb 2011 @ The Netherlands
#7
What about the SSH switch found in the repos? How does that thing turn SSH off?
 

The Following User Says Thank You to mr_pingu For This Useful Post:
Posts: 650 | Thanked: 497 times | Joined on Oct 2008 @ Ghent, Belgium
#8
Disable IM status and any mail/calendar/contacts syncing

Or make sure they use SSL/....
 

The Following 9 Users Say Thank You to petur For This Useful Post:
Posts: 135 | Thanked: 75 times | Joined on Apr 2011 @ Buenos Aires, Argentina
#9
Originally Posted by mr_pingu View Post
What about the SSH switch found in the repos? How does that thing turn SSH off?
Black magic? I really wanna know now, but I don't have it installed and I don't have the sources either.
Something with iptables? Or changed properties in sshd_config? I don't know :/ .-
 
Posts: 235 | Thanked: 86 times | Joined on Dec 2010
#10
/etc/init.d/ssh stop

as root

ps ax | grep sshd

to see if you have ssh running or not
 

The Following 4 Users Say Thank You to figaro For This Useful Post: