2009/7/9 Charles Majola <charles.li...@gmail.com>: > >From the LWN article (OpenSSH maintainer Damien Miller), its probably > not real, well just have to wait and see
Agreed. Even if you *do* believe the secer site, look at the particulars. It's a brute force. Properly configure your ssh servers (including rate-limiting, possibly port knocking, key based authentication and u...@host allow statements) and file this under a non-issue. Of course this is all theoretical so far so I suppose everyone is free to wring their hands and gnash their teeth as much as they wish over this. Original CC recipients cut because I'm the guy that can't remember which addresses are subscribed to which lists. kmw -- To take from one, because it is thought that his own industry and that of his fathers has acquired too much, in order to spare to others, who, or whose fathers have not exercised equal industry and skill, is to violate arbitrarily the first principle of association, ‘the guarantee to every one of a free exercise of his industry, & the fruits acquired by it.' _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/