[App_rpt-users] How to convince IT

Jesse Lloyd ve7lyd at gmail.com
Sat May 23 05:44:49 UTC 2015


I believe it uses IAX MD5 challenge/response authentication. So a brute
force or dictionary attack could work, and also a man-in-the-middle
attack.  It's much better than plaintext, not nearly as good as RSA.  IAX
MD5 is pretty common, and at worst with a hacked IAX connection someone
could connect to your node and transmit on your radio.

If no other ports or services are on the box it shouldn't cause a network
security issue. Now leave SSH running with a simple dictionary-attackable
password and it's game over. If you want SSH running, use an RSA key and
disable PasswordAuthentication. Also you should limit ssh access to a
handful of users (ideally one). Physical access to the machine should also be
secured; CentOS in single user mode will allow anyone to log into it,
change whatever, and log out... but that goes for any machine on the
network.

If you're really concerned get shorewall or some other firewall running on
it. Close all ports other than SSH and IAX. Then concentrate on the
students, because they're almost certainly a much larger security hole :)



Cheers,

Jesse




On Fri, May 22, 2015 at 8:50 PM, Skyler Fennell <electricity440 at gmail.com>
wrote:

> What should I say when they ask how Allstar is secure and how it
> authenticates so I can get ports. I am putting a repeater on a high school.
>
> Thanks
> Skyler
>
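A check for the SSH advice in the message above (key login only, PasswordAuthentication disabled, one allowed user), as an added example that is not part of the original post. The sample configs and the account name `repeater` are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample configs (not taken from any real host).
WEAK = """\
Port 22
PermitRootLogin yes
"""
HARDENED = """\
# key-only login for a single account
PasswordAuthentication no
passwordauthentication yes
AllowUsers repeater
"""

def parse(text):
    """Return (global settings, AllowUsers patterns, settings inside Match blocks)."""
    glob, users, matched, in_match = {}, [], [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"(\w+)[ \t]*=?[ \t]*(.*)", line)
        key, value = m.group(1).lower(), m.group(2).strip()
        if key == "match":
            in_match = True                       # conditional overrides start here
        elif in_match:
            matched.append((key, value.lower()))
        elif key == "allowusers":
            users.extend(value.split())           # repeated AllowUsers lines accumulate
        else:
            glob.setdefault(key, value.lower())   # sshd keeps the first value it reads
    return glob, users, matched

def audit(text, max_users=1):
    """List the ways a config departs from the advice; empty list means it passes."""
    glob, users, matched = parse(text)
    findings = []
    if glob.get("passwordauthentication", "yes") != "no":
        findings.append("PasswordAuthentication is not 'no' (sshd default is yes)")
    if glob.get("pubkeyauthentication", "yes") != "yes":
        findings.append("PubkeyAuthentication is off, so key login cannot work")
    if ("passwordauthentication", "yes") in matched:
        findings.append("a Match block turns PasswordAuthentication back on")
    if not users:
        findings.append("no AllowUsers line: any account may log in over SSH")
    elif len(users) > max_users or any(c in u for u in users for c in "*?"):
        findings.append("AllowUsers is broader than %d named user(s)" % max_users)
    return findings
```

On a live host, `sshd -T` prints the effective configuration and is the better input than the raw file, since it resolves included files and defaults.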

