>> Just hope that any OpenSSH vulnerabilities (which Sun SSH is based upon) >> are fixed and your systems patched before you get hit. >> > >Thankfully I run openssh-4.7,REV=2007.12.26_rev=p1 ( from Blastwave.org ) >pretty much everywhere and I disable the SunSSH entirely. It is updated too >slowly for my tastes. Also I try to watch the IPFilter maillists closely and
hi Dennis, what are you missing in SunSSH now? >while I know that Darren Reed is a Sun guy now I don't think that the >ipfilter in Solaris is anywhere kept up to date. > >So long as the door is slammed shut I'm safe. I hope. the fact that you run latest OpenSSH version doesn't necessarily mean that you are safer than if running SunSSH. CVE-2007-4752 is an example of that. And yes, SunSSH doesn't follow all OpenSSH changes but that's not a bad thing as such. Jan. -- Jan Pechanec _______________________________________________ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org