>> Just hope that any OpenSSH vulnerabilities (which Sun SSH is based upon)
>> are fixed and your systems patched before you get hit.
>>
>
>Thankfully I run openssh-4.7,REV=2007.12.26_rev=p1 ( from Blastwave.org )
>pretty much everywhere and I disable the SunSSH entirely. It is updated too
>slowly for my tastes. Also I try to watch the IPFilter maillists closely and
hi Dennis, what are you missing in SunSSH now?
>while I know that Darren Reed is a Sun guy now I don't think that the
>ipfilter in Solaris is anywhere kept up to date.
>
>So long as the door is slammed shut I'm safe. I hope.
the fact that you run latest OpenSSH version doesn't necessarily
mean that you are safer than if running SunSSH. CVE-2007-4752 is an example
of that. And yes, SunSSH doesn't follow all OpenSSH changes but that's not a
bad thing as such.
Jan.
--
Jan Pechanec
_______________________________________________
opensolaris-discuss mailing list
opensolaris-discuss@opensolaris.org
