What do net attackers look for?

Kristian Erik Hermansen kristian.hermansen-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Fri Feb 15 20:06:22 UTC 2008 

On Fri, Feb 15, 2008 at 5:15 AM, JoeHill <joehill-R6A+fiHC8nRWk0Htik3J/w at public.gmane.org> wrote:
>  Funny, I didn't turn it on and it's running at login for me. I don't have
>  'allow other users to access my desktop' checked in the config, but I cannot
>  shut it off. Then I read this:
>
>  https://bugs.launchpad.net/ubuntu/+source/vino/+bug/141160

Seems like a bug, but I guarantee you that Ubuntu did not turn it on
for you at installation.  Ubuntu has a strict policy about not
allowing any listening services in default installs.  I talked to
Benjamin Mako-Hill about this personally last April in Boston at the
Ubuntu Feisty release party.  Sounds more like some third-party
package or script you ran enabled it.  It is perhaps possible that
automatix/2 did this, and is another reason why no one should use such
low-quality software packages :-)  It could be any number of
possibilities though, but one thing is for sure, vino-server should
not be enabled by default...

>  No expert me, but it seems to me that this bug means that vino-session will
>  automatically run vino-server at login, and that currently vino-server cannot
>  be shut off. Even killall won't take it out because vino-session will see that
>  it's not running and start it again.

To me the bug seems to state this bug only happens once vino-server
has been enabled, and does not imply that it is on by default.  Here
is my own machine to show proof...

khermans at khermans-laptop:~$ nmap -T5 -p 5900 localhost

Starting Nmap 4.20 ( http://insecure.org ) at 2008-02-15 11:58 PST
Interesting ports on localhost (127.0.0.1):
PORT     STATE  SERVICE
5900/tcp closed vnc

Nmap finished: 1 IP address (1 host up) scanned in 0.173 seconds
-- 
Kristian Erik Hermansen
"Know something about everything and everything about something."
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists

More information about the Legacy mailing list