Entry 25470 (Berkeley CSUA MOTD)

Berkeley CSUA MOTD:Entry 25470

WIKI \| FAQ \| Tech FAQ
`http://csua.com/feed/`

2025/05/24 [General] UID:1000 Activity:popular

5/24

2002/8/1-2 [Computer/SW/Security] UID:25470 Activity:high

8/1     Bugtraq reports that openssh-3.4p1 was trojanned on http://ftp.openbsd.org,
        and its mirrors.
        \_ Link?  And Is that what happened to csua?
           \_ http://online.securityfocus.com/archive/1/285492/2002-07-29/2002-08-04/0
           \_ Don't think so.  That seems to have affected the
              openssh-portable port.
              \_ which... soda runs...
                 \_ dont bring facts into this.  this is the motd, damn it!
                    \_ It's okay, they didn't.
                 \_ no it doesn't:
                    $ telnet soda 22
                    Trying 128.32.112.233...
                    Connected to http://soda.CSUA.Berkeley.EDU.
                    Escape character is '^]'.
                    SSH-1.99-OpenSSH_3.4
                    \_ genius wtf do you think that is?  If it isn't an openbsd
                       machine and it's running openssh, it's the portable one
                       \_ I believe the FreeBSD uses the non-portable openssh
                          too, perhaps with their own patches. If FreeBSD was
                          using portable openssh, you'd see a version string
                          that looks like this: SSH-1.99-OpenSSH_3.4p1
                       \_ Hi.  You're an idiot.
                       \_ Recent FreeBSD base system uses 3.4p1.  There are
                          also two ports: security/openssh and
                          security/openssh-portable, which are a patched
                          OpenBSD version and the portable version,
                          respectively.  Soda is running the former, AFAIK.
                          --dbushong
              \_ The only installed openssh port I see is:
                 /var/db/pkg/openssh-3.4_4
        \_ What's the bottom line? Is soda's current version compromised?
           \_ I don't think so.  Plus, the compromise is just a side effect
              of the build, and (supposedly) should not affect the built
              executables.
           \_ No. The MD5 on the src tar ball in /usr/ports/distfiles
              matches the correct MD5:
              MD5 (openssh-3.4.tgz) = 39659226ff5b0d16d0290b21f67c46f2
              soda$ cd /usr/ports/distfiles/ && md5 openssh-3.4.tgz
              MD5 (openssh-3.4.tgz) = 39659226ff5b0d16d0290b21f67c46f2
           \_ Here is what I've heard from a reliable source: (sorry, no
              url)
              "If you didn't rebuild OpenSSH from scratch in the past 36
              hours you don't have to worry about it and the trojaned
              code was replaced with a clean copy by 6am PDT. The trojan
              was that someone added a line to a Makefile such that during
              compilation, a socket is opened to a hacked machine once an
              hour to await "commands" (or example, open a shell, or die).
              The OpenSSH code base wasn't touched. The hacked machine was
              wiped early early this AM.

              I haven't heard anything about whether the SunOS 4.1.X FTP
              server (the OpenSSH project hosts there because the people
              who offered to host it there have lots of bandwidth) was
              hacked, or if this was some kind of inside job from someone
              who had appropriate levels of access on that host.

              Like you doctor always said, check your md5 checksums and your
              PGP sigs. The FreeBSD "ports" system does that automatically
              and refused to build and install the tainted coded."

ERROR, url_link recursive (eces.Colorado.EDU/secure/mindterm2) 2025/05/24 [General] UID:1000 Activity:popular

5/24

You may also be interested in these entries...

2013/10/24-11/21 [Computer/Companies/Apple] UID:54747 Activity:nil

9/19    "No, A Severed Finger Will Not Be Able to Access a Stolen iPhone 5S"
        http://mashable.com/2013/09/15/severed-finger-iphone-5s
        I'm sure the Apple QA department has tested extensively that a severed
        finger will not be able to access a stolen iPhone 5S.
        \_ It doesn't matter whether or not a severed finger can be used.  It
           matters whether or not a robber thinks that a severed finger can be
	...

2013/6/6-7/31 [Politics/Foreign/Asia/China, Computer/SW/Security] UID:54690 Activity:nil

6/6     Wow, NSA rocks. Who would have thought they had access to major
        data exchangers? I have much more respect for government workers,
        crypto experts, mathematicans now than ever.
        \_ flea to Hong Kong --> best dim-sum in the world
           \_ "flee"
        \_ The dumb ones work for DMV, the smart ones for the NSA. If you
	...

2012/8/29-11/7 [Computer/SW/Security] UID:54467 Activity:nil

8/29    There was once a CSUA web page which runs an SSH client for logging
        on to soda.  Does that page still exist?  Can someone remind me of the
        URL please?  Thx.
        \_ what do you mean? instruction on how to ssh into soda?
           \_ No I think he means the ssh applet, which, iirc, was an applet
              that implemented an ssh v1 client.  I think this page went away
	...

2012/8/7-10/17 [Computer/SW/Security] UID:54455 Activity:nil

8/6     Amazon and Apple have lame security policies:
        http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/all
        "First you call Amazon and tell them you are the account holder, and
         want to add a credit card number to the account. All you need is the
         name on the account, an associated e-mail address, and the billing
         address. "
	...

2011/5/19-7/30 [Computer/SW/Security] UID:54110 Activity:nil

5/19    Uh, is anyone still using this? Please mark here if you post and
        haven't added this yet. I'll start:
        \_ person k
        \_ ausman, I check in about once a week.
        \_ erikred, twice a week or so.
        \_ mehlhaff, I login when I actually own my home directory instead of
	...

2011/2/14-4/20 [Computer/SW/Unix] UID:54039 Activity:nil

2/14    You sure soda isn't running windows in disguise?  It would explain the
        uptimes.
        \_ hardly, My winbox stays up longer.
        \_ Nobody cares about uptime anymore brother, that's what web2.0 has
           taught us.  Everything is "stateless".
           \_ You;d think gamers would care more about uptime.
	...

2010/8/12-9/7 [Computer/SW/Languages/Perl] UID:53922 Activity:nil

8/12    Ruby coders, do you mostly DIY your stuff or use the ruby libs out
        there?   How is their quality compared to other libs you have used
        for other langs?  Thx.
        \_ I use Ruby for hobby stuff, etc.  I use libraries for system stuff
           (web access, process, etc.) but that's about it.  Perl libraries are
           much better/more complete.  I assume because of the maturity and
	...

2010/2/22-3/12 [Computer/HW] UID:53723 Activity:nil

2/20    There was a failure validating the SSL/TLS certificate for the server
                                          <DEAD>mail.csua.berkeley.edu<DEAD>
        The reason for the failure was
                          self signed certificate in certificate chain (details)
        We have not verified the identity of your server. If you ignore this certificate validation
        problem and continue, you could end up connecting to an imposter server.
	...

Cache (195 bytes)

online.securityfocus.com/archive/1/285492/2002-07-29/2002-08-04/0 -> www.securityfocus.com/archive/1/285492/2002-07-29/2002-08-04/0I could declare short, but I have no idea what impact + * does it have on performance on none-T3E machines. I could declare + * int, but at least on C90 sizeof(int) can be chosen at compile time.

Cache (207 bytes)

ftp.openbsd.orgOpenBSD supports binary emulation of most programs from SVR4 (Solaris), FreeBSD, Linux, BSD/OS, SunOS and HP-UX. OpenBSD is freely available from our FTP sites, and also available in an inexpensive 3-CD set.

Cache (964 bytes)

soda.CSUA.Berkeley.EDU -> soda.csua.berkeley.edu/Computer Science Undergraduate Association The Computer Science Undergraduate Association is dedicated to representing the undergraduate Computer Science student body and associates to the University of California at Berkeley , its representatives, and other related organizations; Announcements: Are you a current Berkeley undergrad interested in EE or CS? Every spring, student groups give a presentation to the EECS faculty on pressing issues in the EECS program. Please fill out this quick survey to make sure your opinions are heard. CSUA t-shirts are now available in the office 343 Soda for $12 each. The CSUA Mentoring Program is calling for new students to sign up to be mentored. Register to find out more information about this free program at the mentoring website . Members interested in mentoring should contact jhs as soon as possible. CSUA Officer Meetings: Politburo meetings for Spring 2004 are scheduled for every Monday at 6pm in 337 Soda Hall.