Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: How to verify Privilege Separation is working?

from [David Walker] Network Security [Permanent Link]
Subject: Re: How to verify Privilege Separation is working?
Date: Sun, 26 Sep 2004 11:52:09 -0500 
ssh into your server to an account that requires a password or a non-existing 
account that prompts for a password.  Don't enter a password at this time but 
run your ps command (from another shell of course).  If privilege separation 
is operational then you will see an sshd process running under the separation 
account such as "sshd"

On Friday 24 September 2004 02:59 am, Philip Le Riche wrote:

Hi -

Is there a simple way to positively demonstrate that privilege
separation is working? Running ps -fe shows all sshd processes running
as root. If /var/empty doesn't exist, sshd still seems to work, but
presumably without privilege separation. There may be other
configuration errors which could have the same effect.

(The reason I ask is that a vulnerability assessment has shown that I
need to upgrade to OpenSSH 3.7.1 to avoid known vulnerabilities.
However, rebuilding from source has run into problems with
incompatible libraries since we're on an old version of AIX. No doubt
these are fixable, given time my management may not allow me, but if I
could positively demonstrate that privilege separation is working, I
could argue that the risk is low and limited to DoS. Agreed?)

- Philip
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Blocking ssh but not sftp/scp, harry
Next by Date:  RE: Using wrappers w/ssh, Baker, Darryl
Previous by Thread:  Re: How to verify Privilege Separation is working?, Greg Wooledge
Next by Thread:  Another X11 forwarding question, Conley, Robert Michael
Indexes:  [Date] [Thread] [Top] [All Lists]