7 Jan
2017
7 Jan
'17
3:19 p.m.
On Saturday 07 January 2017 00:55:36 Pau wrote:
I would prefer to
distribute the lime binaries with a default password (lime?)
I believe this could create a false sense of security that is even worse then
open telnet...
and/or
force Chef to ask for a password to the user.
This seems definitely better!
Cheers!
On 22/12/16 19:23, Ilario wrote:
> 2016-12-22 13:19 GMT+01:00 Gui Iribarren <gui(a)altermundi.net>et>:
>> i had been infected already with some malware :(
>>
>> found a process "LA4obRtMROA7TAt2wWN1TnwHw"
>> and a file in the root directory: /bin.sh
>> which i copy at the end of this email for reference.
>
> wooooooooooo srsly??
>
>> so funny, for a moment i felt a deja-vu like the many times i connected
>> a Windows PC directly to a public IP, and in under 5 minutes it had been
>> infected with viruses.
>
> ROTFL we could call next release LibreMesh 98
>
>> It most likely came in via telnet, since that's open and passwordless
>> by default on our releases.
>>
>> I think we should at least block telnet port over WAN by default
>
> +1
> But consider that trunk is not using telnet anymore as on LEDE default
> is ssh with empty root password.
> We should block ssh on WAN port until when root password gets set,
> later it will have to be accessible.
> Maybe LEDE people already have something for this...?
> _______________________________________________
> lime-dev mailing list
> lime-dev(a)lists.libremesh.org
> https://lists.libremesh.org/mailman/listinfo/lime-dev