On Monday 15 September 2003 16:26, Louie Miranda wrote: > What crap?.. "telnet has no place in a secure network"? oh.. Pati ssh. > Even remote shell (SSHd) tool can be compromised ;). Its a fact. In time > may darating na exploit for it, we all know that.
which reminds me. there are rumbles on full-disclosure about a possible remote root exploit on the latest version of ssh, even with privilege separation enabled. anyone seen anything more about this? one post said something about massive amounts of connections to the ssh port and then testing with many different offsets. workarounds: block ssh on the edges of your network, and on individual boxes with ssh daemons, allow ssh access only from trusted hosts via the firewall (block everything, allow only acceptable requests through at the firewall). tiger -- Gerald Timothy Quimpo gquimpo*hotmail.com tiger*sni*ph http://bopolissimus.sni.ph Public Key: "gpg --keyserver pgp.mit.edu --recv-keys 672F4C78" The difficult we do today. The impossible takes a little longer. -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
