> which reminds me. there are rumbles on > full-disclosure about a > possible remote root exploit on the latest > version of ssh, even > with privilege separation enabled. > > anyone seen anything more about this? one post > said something about > massive amounts of connections to the ssh port > and then testing with > many different offsets.
Hi, When i read your message, i run apt-get and was surprised that a newer ssh is avail. from security.debian.org. Opened slashdot, and it's front page right now. > workarounds: block ssh on the edges of your > network, and on individual > boxes with ssh daemons, allow ssh access only > from trusted hosts via > the firewall (block everything, allow only > acceptable requests through at > the firewall). You did not mention to patch ssh. ;) Unless of course it's a prod. server. Also, tcpwrappers with public key authen. is good too. Debian stock ssh is configured to use tcpwrappers. Note to others, openssh install from source does not use tcpwrappers by default. So check/test first before enabling it. regards, Andre -- Philippine Linux Users' Group (PLUG) Mailing List [EMAIL PROTECTED] (#PLUG @ irc.free.net.ph) Official Website: http://plug.linux.org.ph Searchable Archives: http://marc.free.net.ph . To leave, go to http://lists.q-linux.com/mailman/listinfo/plug . Are you a Linux newbie? To join the newbie list, go to http://lists.q-linux.com/mailman/listinfo/ph-linux-newbie
