"No Unix or Cmd Line Knowledge necessary"

Which is EXACTLY why you should not use this appliance.

1) There is absolutely no security, server hardening or firewall.

2) There is no mention of the root password by enspeed, but
it is soo WEAK, **** ANYONE **** can figure it out....."enspeed"
(which has been posted elsewhere here)

3) Not surprising that it only took 3 days after I installed this appliance
for MULTIPLE SCRIPT KIDDIES to hack this appliance.

So, if you do use this appliance, you better KNOW Linux and be able to SECURE your server

Just my 2 cents....

"It would appear that you enabled ssh"

NO, *** YOU **** HAVE SSH ENABLED !!!!

"and I trust you will be more cautious about opening up ssh without changing the default root password."

NO, I trust *** YOU **** will be more cautious in creating Virtual Appliances...

I just downloaded and unrar'd http://www.enspeed.com/enspeedva/cms/alfresco/EnSpeedAlfrescoVA-vmware-v1.rar

Started the appliance using VMware Server Console....

From the console screen I see roll by:

Starting sshd: OK

I then did a CTRL ALT BACKSPACE, from the console (at the IP setup screen).

Logged in as ROOT / ENSPEED

netstat -tanp showed that sshd was indeed RUNNING and LISTENING on port 22

I then changed the IP and SSH'd in using ROOT / ENSPEED

login as: root
root@password:
Last login: Thu Mar 12 14:50:52 2009
root@alfresco ~# netstat -tanp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
.
.
tcp 0 0 :::22 :::* LISTEN 2464/sshd
.
.
tcp 0 4552 ::ffff:xxx.xxx.xxx.xxx:22 ::ffff:xxx.xxx.xxx.xxx:3258 ESTABLISHED 4040/0
root@alfresco ~#

I did NOT change, delete or modify ANYTHING

repeat, I did NOT change, delete or modify ANYTHING

"we mean that we configure the firewall (iptables) to block the ssh port"

Iptables ??? **** YOU ***** have **** NO ***** iptables rules configured !!!!

---

login as: root
root@67.222.128.113's password:
Last login: Thu Mar 12 15:02:16 2009 from 70.89.239.84
root@alfresco ~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
root@alfresco ~#

---

http://www.enspeed.com/products_alfresco.html

"Full GUI Configuration is included in the virtual appliance. "
"You will not need to log into the underlying linux system to permform any administration tasks."

"The Virtual Appliance starts up and displays the single configuration and status page."
"At this point, please configure networking for the Virtual Appliance."
"You may choose a DHCP Configuration as shown in Screen Capture 2 below, or a static IP address."

FACTS:

1) SSH is enabled/open by default.

2) There is NO use of iptables to BLOCK ANYTHING.

3) The root password "enspeed" is NOT mentioned ANYWHERE in the above link.

4) All the "Full" GUI configuration allows you to do is setup the NETWORK, IP/MASK/GATEWAY/DNS

SO, right now there are people who have **** YOUR **** appliance connected to the internet,
with SSH PORT 22 WIDE OPEN, BY DEFAULT !!!!, setup with an easy for hackers to figure out ROOT password,
"enspeed", where "No Unix or Cmd Line Knowledge necessary", and a "Full" GUI configuration where they
can ONLY change the IP address !!!!!

And you act like **** YOU **** are not at fault ??? !!!!

ARE YOU KIDDING ME !!!!!