Áåçîïàñíîñòü SSH (dropbear)

**SergeyVl** · 16-01-2007, 21:34

Èìååòñÿ WL-500gP, ïðîøèâêà 1.9.2.7-7f post5, ðåàëüíûé ÈÏ, è íåîáõîäèìîñòü äîñòóïà ê ðîóòåðó ïî SSH ñ èíòåðíåòà (ñ ðàçëè÷íûõ ÈÏ àäðåñîâ).
Íà ðîóòåðå çàïóùåí dropbear (ðàíåå çàïóùåí áûë èäóùèé â ïðîøèâêå, ñåé÷àñ ïîñòàâèë ïàêåò dropbear 0.48.1-1).
Çàìåòèë â ëîãàõ îãðîìíîå êîëè÷åñòâî ïîïûòîê ïîäêëþ÷åíèÿ ïî ssh:

Code:

Jan 16 15:44:00 dropbear[2160]: Child connection from ::ffff:66.240.221.***:38230
Jan 16 15:44:02 dropbear[2160]: login attempt for nonexistent user from ::ffff:66.240.221.***:38230
Jan 16 15:44:03 dropbear[2160]: exit before auth: Disconnect received

ñ îäíîãî è òîãî æå ÈÏ, èíòåðâàë - 2...4 ñåêóíäû, è óæå áîëåå 10 ÷àñîâ ïîäðÿä, èíîãäà íàòûêàåòñÿ íà ïîëüçîâàòåëÿ 'admin':

Code:

Jan 16 11:07:22 dropbear[29822]: Child connection from ::ffff:66.240.221.***:59692
Jan 16 11:07:24 dropbear[29822]: bad password attempt for 'admin' from ::ffff:66.240.221.***:59692
Jan 16 11:07:24 dropbear[29822]: exit before auth (user 'admin', 1 fails): Disconnect received

Íàñêîëüêî "ñèëüíà" çàùèòà dropbear îò "âçëîìà"?
Êàêîâà ìèíèìàëüíî-ðåêîìåíäóåìàÿ äëèíà ïàðîëÿ äëÿ îáåñïå÷åíèÿ äîñòàòî÷íîé áåçîïàñíîñòè?
Âîçìîæíî ëè áîðîòüñÿ ñ ýòèì (çàäàòü òàéì-àóò íà ïîäêëþ÷åíèå èëè êàê òî åùå), à çà îäíî èçáàâèòüñÿ îò "ïàðàçèòíîãî òðàôèêà"?

ÏÑ. Âîçìîæíî, ìåíÿ áû ýòî íå òàê ñèëüíî ñìóùàëî, åñëè áû íå ðåçóëüòàòû ñêàíèðîâàíèÿ (ñ WAN) ñ ïîìîùüþ XSpider 7.5 (Demo):

**imdex** · 16-01-2007, 21:42

Ïîðò dropbear ñìåíèòå íà êàêîé-íèáóäü èç âûøå 1024. ß òîæå ñïåðâà âûñòàâèë â èíåò db íà 22 ïîðòó, ïàðîëü ïîäáèðàëè êàæäûé äåíü. Íå ïîäîáðàëè, íî ïîòîì ìíå íàäîåëî è ÿ ïåðåâåë db íà 22000, çà ìåñÿö íè îäíîé ïîïûòêè íå çàôèêñèðîâàíî.

**FilimoniC** · 17-01-2007, 04:34

Originally Posted by imdex

Ïîðò dropbear ñìåíèòå íà êàêîé-íèáóäü èç âûøå 1024. ß òîæå ñïåðâà âûñòàâèë â èíåò db íà 22 ïîðòó, ïàðîëü ïîäáèðàëè êàæäûé äåíü. Íå ïîäîáðàëè, íî ïîòîì ìíå íàäîåëî è ÿ ïåðåâåë db íà 22000, çà ìåñÿö íè îäíîé ïîïûòêè íå çàôèêñèðîâàíî.

àíàëîãè÷íî. 1022 ïîðò

**alexnik** · 17-01-2007, 07:54

À ÿ ïðîñòî îãðàíè÷èë êîëè÷åñòâî ïîïûòîê

Code:

iptables -t nat -I PREROUTING -i $WAN -p tcp -m state --state NEW --dport 22 \
        -m recent --set --name SSH_ATTACKER --rsource
iptables        -I INPUT      -i $WAN -p tcp -m state --state NEW --dport 22 \
        -m recent --update --seconds 600 --hitcount 3 --name SSH_ATTACKER --rsource -j DROP

**Duke** · 17-01-2007, 09:33

Ïðîèçâîëüíûé ïîðò ðàíî èëè ïîçíî ìîãóò íàéòè ïðîñòûì ñêàíèðîâàíèåì îòêðûòûõ ïîðòîâ. ÿ õèòðåå íàñòðîèë - íåñêîëüêî ðàç â ÷àñ ïðîâåðÿåòñÿ ëîã íà ïðåäìåò ïîïûòîê ïîäêëþ÷åíèÿ ñ íåâåðíûì ïàðîëåì - ïðîâèíèâøèìñÿ àäðåñàì ïðèêðûâàåòñÿ 22é ïîðò, àäðåñà ñîõðàíÿþòñÿ íà ôëåøêè è ïîñëå ïåðåçàãðóçêè òàêæå áëîêèðóþòñÿ â ïîñò-ôàéðâîëå. Ïåðèîäè÷åñêè âðó÷íóþ ñîðòèðóþ ýòîò ñïèñîê è ïðè äâîéíîì ìîïàäàíèè çàêðûâàþ íàôèã äîñòóï ïî âñåì ïîðòàì íà âñþ ïîäñåòü. Ïðîöåíòîâ 80-90 ëåçóò êèòàéöû (äûðÿâûå ìàñêèâûäàííûõ êèòàéöàìè ïîäñåòåé - ýòî îòäåëüíàÿ ïåñíèÿ)

ÇÛæ Õîòÿ åùå áîëåå ñåêóðíî-îòêðûòü äîñòóï èñêëþ÷èòåëüíî íà ïîäñåòè èç êîòîðûõ ñàì çàõîäèø, íî íå âñåãäà çíàåøü îòêóäà ïðèäåòñÿ ëåçòü..

**imdex** · 17-01-2007, 10:29

Originally Posted by Duke

Ïðîèçâîëüíûé ïîðò ðàíî èëè ïîçíî ìîãóò íàéòè ïðîñòûì ñêàíèðîâàíèåì îòêðûòûõ ïîðòîâ. ÿ õèòðåå íàñòðîèë - íåñêîëüêî ðàç â ÷àñ ïðîâåðÿåòñÿ ëîã íà ïðåäìåò ïîïûòîê ïîäêëþ÷åíèÿ ñ íåâåðíûì ïàðîëåì - ïðîâèíèâøèìñÿ àäðåñàì ïðèêðûâàåòñÿ 22é ïîðò, àäðåñà ñîõðàíÿþòñÿ íà ôëåøêè è ïîñëå ïåðåçàãðóçêè òàêæå áëîêèðóþòñÿ â ïîñò-ôàéðâîëå. Ïåðèîäè÷åñêè âðó÷íóþ ñîðòèðóþ ýòîò ñïèñîê è ïðè äâîéíîì ìîïàäàíèè çàêðûâàþ íàôèã äîñòóï ïî âñåì ïîðòàì íà âñþ ïîäñåòü. Ïðîöåíòîâ 80-90 ëåçóò êèòàéöû (äûðÿâûå ìàñêèâûäàííûõ êèòàéöàìè ïîäñåòåé - ýòî îòäåëüíàÿ ïåñíèÿ)

ÇÛæ Õîòÿ åùå áîëåå ñåêóðíî-îòêðûòü äîñòóï èñêëþ÷èòåëüíî íà ïîäñåòè èç êîòîðûõ ñàì çàõîäèø, íî íå âñåãäà çíàåøü îòêóäà ïðèäåòñÿ ëåçòü..

Äà íèêîìó ýòî íå íàäî, ñêàíèðîâàòü âñå ïîðòû. Ðîáîò çàïóùåí èëè ñêðèïò-êèä, ïåðåáèðàåò ñòàíäàðòíûå òèïà 22, 23, 3389, 80, 8080 è ò.ä. Íàõîäèò, ïûòàåòñÿ ïîëîìàòü, íå íàõîäèò, óõîäèò. Âðÿä ëè ó êîãî-òî õðàíÿòñÿ äàííûå, çà êîòîðûå ìîãóò çàïëàòèòü äåíüãè, ÷òîáû äîñòàëè. À åñëè õðàíÿòñÿ, òî âîîáùå íå ñòîèò â èíåò îòêðûâàòü õîòü ÷òî-òî.

**seeker** · 17-01-2007, 12:17

Originally Posted by alexnik

À ÿ ïðîñòî îãðàíè÷èë êîëè÷åñòâî ïîïûòîê

Code:

iptables -t nat -I PREROUTING -i $WAN -p tcp -m state --state NEW --dport 22 \
        -m recent --set --name SSH_ATTACKER --rsource
iptables        -I INPUT      -i $WAN -p tcp -m state --state NEW --dport 22 \
        -m recent --update --seconds 600 --hitcount 3 --name SSH_ATTACKER --rsource -j DROP

à êàê ýòî îãðàíè÷èâàåò êîëè÷åñòâî ïîïûòîê?

**alexnik** · 17-01-2007, 12:43

à êàê ýòî îãðàíè÷èâàåò êîëè÷åñòâî ïîïûòîê?

Äà ïðîñòî. äîïóñêàåòñÿ íå áîëåå 2 ïîïûòîê âõîäà â òå÷åíèè 10 ìèíóò.
Íî ñàìîå êðàñèâîå (ïðàâäà ïàðàíîèäàëüíîå) ðåøåíèå, êîòîðîå ÿ âèäåë, ýòî êîãäà äëÿ äîñòóïà ïî ssh íàäî ïðåäâàðèòåëüíî ñòóêíóòüñÿ íà êàêîé-íèáóòü íåñòàíäàðòíûé ïîðò, òèïà òîãî-æå 22000, è ïîòîì ïîëó÷àòü äîñòóï ïî 22.

**seeker** · 17-01-2007, 13:24

Originally Posted by alexnik

À ÿ ïðîñòî îãðàíè÷èë êîëè÷åñòâî ïîïûòîê

Code:

iptables -t nat -I PREROUTING -i $WAN -p tcp -m state --state NEW --dport 22 \
        -m recent --set --name SSH_ATTACKER --rsource
iptables        -I INPUT      -i $WAN -p tcp -m state --state NEW --dport 22 \
        -m recent --update --seconds 600 --hitcount 3 --name SSH_ATTACKER --rsource -j DROP

äîáàâèë ýòî â êîíöå post-firewall, ñìåíèâ 22 íà íîìåð ñâîåãî ïîðòà äëÿ ssh, íå ïîìîãàåò. ïûòàéñÿ êîííåòèòüñÿ õîòü ñòî ðàç ïîäðÿä.

**m0nty** · 04-05-2010, 22:04

Originally Posted by alexnik

À ÿ ïðîñòî îãðàíè÷èë êîëè÷åñòâî ïîïûòîê

Code:

iptables -t nat -I PREROUTING -i $WAN -p tcp -m state --state NEW --dport 22 \
        -m recent --set --name SSH_ATTACKER --rsource
iptables        -I INPUT      -i $WAN -p tcp -m state --state NEW --dport 22 \
        -m recent --update --seconds 600 --hitcount 3 --name SSH_ATTACKER --rsource -j DROP

Äëÿ âíåøêå èñïîëüçóþ àâòîðèçàöèþ ïî êëþ÷ó, ñàì êëþ÷ çàøèôðîâàí, à ïîðò äàëåêî ñäâèíóò îò ñòàíäàðòíîãî.
Äëÿ ëîêàëüêè âñå êóäà ïðîùå - ðàáîòàåò îáû÷íûé òåëíåò.

**black_128** · 22-01-2007, 20:07

Äîáðîãî âðåìåíè ñóòîê!
Ðåáÿòà, ñ íåäàâíåãî âðåìåíè âîçíèêëû íåêèå âîïðîñû ïî íåïîíÿòíîìó ïîâåäåíèþ ðîóòåðà. Ðîóòåð ðàáîòàåò ïðåêðàñíî ñ ñåòüþ netbynet.ru, ðàáîòàåò SAMBA, dropbear, ftp è WWW. Äîìàøíÿÿ ñåòü ñîñòîèò èç 2õ êîìïüþòåðîâ - íîóòáóêà âî WiFi è ñèñòåìíèêà ïî Ethernet êàáåëþ.

Ïîñëå óñòàíîâêè SSH (dropbear) è îòêðûòèþ ïîðòà 22 íàðóæó (òåëíåò îòêëþ÷¸í ðàç 22é îòêðûò), íà÷àëè ëîìèòüñÿ è áðóòôîðñèòü 22é ïîðò - íó äà ëàäíî, ÿ ñäåëàë post-firewall:

Code:

#!/bin/sh
## WEB,SSH and FTP access from WAN
## Set default policy
iptables -P INPUT DROP
## Removes last default rule
iptables -D INPUT -j DROP
## Open FTP,SSH,WWW ports
iptables -A INPUT -p tcp --dport 21 -j ACCEPT
iptables -A INPUT -p tcp --syn --dport 22 -j brute_force
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
## Block SSH brute force attacks
iptables -N brute_force
iptables -F brute_force
iptables -A brute_force -m state --state NEW -m recent --name attack --set
iptables -A brute_force -m recent --name attack --rcheck --seconds 60 --hitcount 4 -m limit --limit 1/minute --limit-burst 1 -j LOG --log-prefix 'SSH brute force attack'
iptables -A brute_force -m recent --name attack --rcheck --seconds 60 --hitcount 4 -j DROP
iptables -A brute_force -j ACCEPT
## Drop other IPs
iptables -A INPUT -j DROP
#Test for post-firewall.log
echo "post-firewall running...">/var/log/post-firewall.log

Ëîìèòüñÿ íà 22é ïîðò ïåðåñòàëè. ÍÎ! ÿ çàìåòèë, ÷òî çàõîäÿ ïî SSH, äèðåêòîðèè ïîÿâèëèñü ìàññà ôàéëîâ ñ íàñòðîéêàìè, êîòîðûå ÿ íèêîãäà íå ïðîïèñûâàë ðó÷êàìè.
Âîò ñêðèíøîò ôàéëîâ:

Ïðè÷åì âíóòðè ñêàæåì ôàéëà filter_rules ìîæíî óâèäåòü ñëåäóþùåå:

Code:

*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:MACS - [0:0]
:SECURITY - [0:0]
:logaccept - [0:0]
:logdrop - [0:0]
-A SECURITY -p tcp --syn -m limit --limit 1/s -j RETURN
-A SECURITY -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j RETURN
-A SECURITY -p udp -m limit --limit 5/s -j RETURN
-A SECURITY -p icmp -m limit --limit 5/s -j RETURN
-A SECURITY -j DROP
-A INPUT -m state --state INVALID -j DROP
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -m state --state NEW -j ACCEPT
-A INPUT -i br0 -m state --state NEW -j ACCEPT
-A INPUT -i ppp0 -m state --state NEW -j SECURITY
-A INPUT -p tcp -m tcp -d 192.168.1.1 --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 7776 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 7777 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -j DROP
-A FORWARD -i br0 -o br0 -j ACCEPT
-A FORWARD -m state --state INVALID -j DROP
-A FORWARD -p tcp --syn -j TCPMSS --clamp-mss-to-pmtu
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -o ppp0 ! -i br0 -j DROP
-A FORWARD -o vlan1 ! -i br0 -j DROP
-A FORWARD ! -i br0 -m state --state NEW -j SECURITY
-A FORWARD -m conntrack --ctstate DNAT -j ACCEPT
-A FORWARD -o br0 -j DROP
-A logaccept -m state --state NEW -j LOG --log-prefix "ACCEPT " --log-tcp-sequence --log-tcp-options --log-ip-options
-A logaccept -j ACCEPT
-A logdrop -m state --state NEW -j LOG --log-prefix "DROP " --log-tcp-sequence --log-tcp-options --log-ip-options
-A logdrop -j DROP
COMMIT

Ïðè÷åì íèêàêèõ ïîðòîâ 7777 è 7776 ÿ íå çàäàâàë. È WEB êàìåðû ó ìåíÿ íåò.

Â ëîãå ñòàëè ïîÿâëÿòüñÿ ñîîáùåíèÿ (îáðàòèòå âíèìàíèå íà êîëè÷åñòâî ïîñëàííûé è ïðèíÿòûõ áàéò).

Code:

Jan 22 11:53:38 pppd[112]: Child process /usr/sbin/pptp 10.7.255.249 --nolaunchpppd (pid 443) terminated with signal 15
Jan 22 11:53:38 pppd[112]: Modem hangup
Jan 22 11:53:38 pppd[112]: Connection terminated.
Jan 22 11:53:38 pppd[112]: Connect time 59.0 minutes.
Jan 22 11:53:38 pppd[112]: Sent 19494331 bytes, received 215195095 bytes.
Jan 22 11:53:38 pppd[112]: Connect time 59.0 minutes.
Jan 22 11:53:38 pppd[112]: Sent 19494331 bytes, received 215195095 bytes.
Jan 22 11:53:38 pppd[112]: Exit.

Jan 22 04:54:39 pppd[112]: Starting link
Jan 22 04:54:39 pppd[112]: Serial connection established.
Jan 22 04:54:39 pppd[112]: Connect: ppp0 <--> /dev/pts/0
Jan 22 04:54:39 pptp[390]: anon log[main:pptp.c:267]: The synchronous pptp option is NOT activated 
Jan 22 04:54:39 pptp[393]: anon warn[route_add:pptp_callmgr.c:457]: route_add: not adding existing route
Jan 22 04:54:39 pptp[393]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 1 'Start-Control-Connection-Request' 
Jan 22 04:54:39 pptp[393]: anon log[ctrlp_disp:pptp_ctrl.c:732]: Received Start Control Connection Reply
Jan 22 04:54:39 pptp[393]: anon log[ctrlp_disp:pptp_ctrl.c:766]: Client connection established.
Jan 22 04:54:40 pptp[393]: anon log[ctrlp_rep:pptp_ctrl.c:251]: Sent control packet type is 7 'Outgoing-Call-Request' 
Jan 22 04:54:40 pptp[393]: anon log[ctrlp_disp:pptp_ctrl.c:851]: Received Outgoing Call Reply.
Jan 22 04:54:40 pptp[393]: anon log[ctrlp_disp:pptp_ctrl.c:890]: Outgoing call established (call ID 0, peer's call ID 32768). 
Jan 22 04:54:40 pppd[112]: MPPE 128-bit stateless compression enabled
Jan 22 04:54:43 pppd[112]: Remote IP address changed to 192.168.254.10
Jan 22 04:54:43 PPTP: connect to ISP

Ïðè÷åì â ýòî âðåìÿ (ÿ çíàþ òî÷íî), êîìïüþòåðû â ëîêàëêå áûëè âûêëþ÷åíû. Ñêàæèòå, ìîæíî ëè ñî âñåì ýòèì ðàçîáðàòüñÿ, è ÷òî äåëàòü???

Ïðîøó Âàñ ïðîòåñòèðîâàòü ìîþ ñèñòåìó íà ïðåäìåò óÿçâèìîñòåé, è ïîìî÷ü çàêðûòü îò àòàê ìîé ðîóòåð.

ÑÏÈÑÈÁÎ!

**Oleg** · 23-01-2007, 10:26

Â äèðåêòîðèè /tmp ïîÿâëÿþòñÿ ôàéëû, ãåíåðèðóåìûå äèíàìè÷åñêè. Òå, ôàéëû, êîòîðûå Âû îòìåòèëè - ñàìûå îáû÷íûå.

nas - ýòî êîíôèã äëÿ WPA/WPA-PSK

resolv.conf - ÄÍÑ
filter_rules - Âñòðîåííûé Firewall.

Ïîðò 7776 è 7777 - ñâÿçàíû ñ âåáêàìåðîé. Ó Âàñ å¸ íåò, íî ñåðâèñ î÷åâèäíî ðàçðåø¸í.

×òî êàñàåòñÿ òðàôôèêà - òóò ÿ íè÷åãî ñêàçàòü íå ìîãó. Ïîïðîáóéòå óñòàíîâèòü darkstat, ïóñòü îí ïîñ÷èòàåò åãî.

Ó Âàñ äëÿ WiFi WEP çàïðåù¸í, íàäåþñü?

**black_128** · 23-01-2007, 10:37

Ñïàñèáî çà Âàø îòâåò!

Äà, WEP âûêëþ÷åí, âêëþ÷¸í WPA-PSK (c WiFi ïðîáëåì íåò).

Íî ïîÿâèëñÿ äðóãîé òðàáë. Íè÷åãî íå èçìåíÿÿ â íàñòðîéêàõ, è èìåÿ ðàíåå äîñòóï ïî SSH èç WAN ïî 22ìó ïîðòó, ùàñ 22é ïîðò âîîáùå íå îòâå÷àåò, ñóäÿ ïî telnet ìîé_ip 22 (ðàíåå âûâîäèëñÿ øåëë SSH), ïðè÷åì ñ äîìàøíèõ ìàøèí SSH ê ðîóòåðó ðàáîòàåò.

dropbear çàïóùåí.

Code:

Jan  1 03:00:07 pppd[109]: Starting link
Jan  1 03:00:07 pppd[109]: Serial connection established.
Jan  1 03:00:07 pppd[109]: Connect: ppp0 <--> /dev/pts/0
Jan  1 03:00:08 pptp[121]: anon log[main:pptp.c:267]: The synchronous pptp option is NOT activated 
Jan  1 03:00:08 kernel: ipt_recent v0.2.3: Stephen Frost <sfrost@snowman.net>.  http://snowman.net/projects/ipt_recent/
Jan  1 03:00:08 dropbear[126]: Running in background

**Oleg** · 23-01-2007, 11:28

Originally Posted by black_128

Ñïàñèáî çà Âàø îòâåò!

Äà, WEP âûêëþ÷åí, âêëþ÷¸í WPA-PSK (c WiFi ïðîáëåì íåò).

Òîãäà âñ¸ äîëæíî áûòü õîðîøî.

Íî ïîÿâèëñÿ äðóãîé òðàáë. Íè÷åãî íå èçìåíÿÿ â íàñòðîéêàõ, è èìåÿ ðàíåå äîñòóï ïî SSH èç WAN ïî 22ìó ïîðòó, ùàñ 22é ïîðò âîîáùå íå îòâå÷àåò, ñóäÿ ïî telnet ìîé_ip 22 (ðàíåå âûâîäèëñÿ øåëë SSH), ïðè÷åì ñ äîìàøíèõ ìàøèí SSH ê ðîóòåðó ðàáîòàåò.

dropbear çàïóùåí.

Íó òàê ìîæåò recent ÷òî-òî òàì "õèìè÷èò"? Ïîïðîáóéòå åãî îòêëþ÷èòü.

**FilimoniC** · 23-01-2007, 21:01

à íå ïðîùå ssh ïåðåâåñèòü íà íåñòàíäàðòíûé ïîðò?

BTW âîïðîñ: ìîæíî ëè ñäåëàòü òàê, ÷òîáû SSH íå îòäàâàë ñåðòèôèêàò? ò.å. ÷òîáû êííåêòèòñÿ ìîæíî áûëî òîëüêî ñ ìàøèíû, íà êîòîðîé ñòîèò çàùèùåííûé ïàðîëåì ñåðòèôèêàò (âçÿòûé ó êîãî-òî èëè ãäå-òî, ò.å. íå ïîëó÷åííûé îò ÑÑØ)?

BTW âîïðîñ2: êàê ñäåëàòü ÷òîáû íåëüçÿ áûëî äåëàòü SSH-Òóííåëè ÷åðåç putty ? (ïî äåôàëòó ìîæíî - â ïóòòè â ãðàôå tunnles. ïðîâåðÿë - ïàøåò.)

Thread: Áåçîïàñíîñòü SSH (dropbear)

Thread Tools

Rate This Thread

Display

Hybrid View

Áåçîïàñíîñòü SSH (dropbear)

Õàêåðû âçëîìàëè ðîóòåð? Ïîñìîòðèì ëîãè...

Similar Threads

Âíèìàíèå! Áåçîïàñíîñòü Linux-based MIPSel ðîóòåðîâ!

Tags for this Thread

Posting Permissions