On Wed, 17 Sep 2003, Avleen Vig wrote:

>
> On Tue, Sep 16, 2003 at 03:50:04PM -0400, [EMAIL PROTECTED] wrote:
> > A posting to full-disclosure quotes Theo as saying HP and Cisco are affected,
> > and I don't see any reason that Juniper would *NOT* be, given the common code
> > base of the OpenSSH implementations.  I'm not going to say the routers are
> > vulnerable, but I *would* say that ACLs blocking port 22 to the router might
> > be a good idea.....
>
> Isn't this a common practice anyway? Has been anywhere sensible I've
> seen :-)

I thought the whole purpose of running sshd on your router (or any box for
that matter) is to be able to access it securely from remote locations.
Of course, you could ssh to your patched unix box from outside (assuming
your internal network is ok), then ssh back to the router, but you might
as well just use telnet then (assuming a properly switched and vlan'd
LAN).

James Smallacombe                     PlantageNet, Inc. CEO and Janitor
[EMAIL PROTECTED]                                                           http://3.am
=========================================================================

Reply via email to