All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Can a Live DVD of Ubuntu 14.04 be hacked? Got a abuse message from Hetzner/BSI
I got this Abuse message from German Federal Office for Information Security (BSI)
Dear Sir or Madam,
>
Multicast DNS (mDNS) is used for resolving host names to IP addresses
within small networks that do not include a local DNS server. It is
implemented for example by the Apple 'Bonjour' and Linux/BSD 'Avahi'
(nss-mdns) services. mDNS uses port 5353/udp.
>
In addition to disclosing information about the system/network,
mDNS services openly accessible from anywhere on the Internet can be
abused for DDoS reflection attacks against third parties.
>
Please find below a list of affected systems hosted on your network.
The timestamp (timezone UTC) indicates when the openly accessible
mDNS service was identified.
I also got a timestamp with a IP and MAC, so I know that the IP in this message was running a Live DVD of Ubuntu 14.04 (I used it to DD copy a template from a VM to my FTP server) at that time.
So my question is, can I be hacked using "Try Ubunty" from the Live DVD og Ubuntu 14.04?
And if yes, will it help if I change the root password while I'm running the trial?
Or are the other ways to stop it from happening?
This is the second time the same IP has been hacked. The first time was when I tried a template with a default password, and forgot to turn it off. Then somebody got access and started spamming via NetBIOS. I discovered that the Windows VM was taken over after a couple of hours, but got a message from German Federal Office for Information Security (BSI) then also with a time stamp and IP info like now.
Maybe I should get rid of this IP and get a new one? Or do people just scan all Hetzner subnets all the time?
Comments
OK, so this service run default on Ubuntu 14.04 then?
When I use the "Try Ubuntu" function on the Live DVD I do not change any info, since you don't need any username and/or password for running the trial.
you should use a newer version of ubuntu.
For what it's worth, Avahi is written by the same idiot who brought you systemd- so the likelyhood that it can be abused is high.
I only use it from the .iso file when I copy the template from the VM to my FTP server.
And of some strange reason
apt-get install sshfs
do not work on Ubuntu 16.04/16.10 on Hetzner, only on Ubuntu 14.04 (I'm talking about when I run Ubuntu from the .iso file using "Try Ubuntu" not about a installed and running Ubuntu version.Running like this on a publicly accessible server is wrong in so many ways as the iso is probably old and vulnerable. Leaving the default credentials on is just the icing on the cake.
Someone can connect and use it as a proxy for whatever nefarious purposes and you will get the blame for it.
Running a live ISO in a vm or computer is good for not leaving any tracks or changes, however, publicly accessible, no-no-no!
I only run it for 30-60 minutes at the time, when I copy the templates from my VMs to my FTP server.
Like I said over, I need ssfhs to copy over the template from my VM to my FTP server, and on 16.04 and 16.10 I only get this error when I try to install ssfhs:
I just also tried 17.04 beta2, and get the same error there. It's very strange, since I know other have it working, but it's seems like on Hetzner, sshfs is just working on 14.04 and that's it.
What other way can I use to create templates from my VMs and DD copy them over to my FTP server?
Have you learned how to add repos?
Failing that.. you've learned how to update existing repos?
On CentOS yes, on Ubuntu no - just use Ubuntu for this task only, never installed it on a running VM.
How can I add repos and will this solve my issue?
I can almost guarantee you'll get a working sshfs by adding a PPA..
https://help.ubuntu.com/community/Repositories/Ubuntu
And what PPA to use? No links to PPA in that guide.
And I also get this error when I use
apt-get update
...or by running apt-get update before apt-get install to update your package lists. sshfs is no longer included in the Live ISO.
Good to know. I don't use Ubuntu Live distros.
That do not work, see the image posted over your post. I only get an error trying that.
But I have found a solution.
I use
add-apt-repository "deb http://us.archive.ubuntu.com/ubuntu/ xenial universe multiverse"
sudo add-apt-repository "deb http://us.archive.ubuntu.com/ubuntu/ xenial-updates universe multiverse"
then
apt-get update
And then sshfs is working on 16.04.2 also.
And just found out that I could do the same with CentOS 6.8 LiveCD...
Don't know why I have used Ubuntu all the time...
Using an old live CD is bad... because it's old. However, you can use a new live CD, secure it by changing passwords, updating, changing ports, iptables, and so on.
By the time you made all configurations, you will realize you would be better to install the newest OS, and keep all those configurations and data on disk.
But I think you really don't understand what I'm doing here.
I have several VMs on my server, running different Windows versions. I use these VMs to create Windows templates for Kimsufi, OVH, Hetzner and so on.
Creating these templates, I need to use
sshfs
so I can mount the system and DD copy the files from the VM to my FTP Server.This take around 30-60 minutes each time I make a new/updated template.
So I can't install Linux on the VM, the only way is to run it from a LiveCD.
But I have now solved the issue with the new LiveCD versions. I can now use Ubuntu 16.04.2 or I can use CentOS 6.8/7.2
Yeah I had to start using Debian or older Ubuntu Mate live cds for sshfs, glad someone has the commands to get it working on the newer livecds