OpenSSH 3.0.3 is available from OpenSSH.Org. There is a prebuilt RPM for it at: http://www.haoli.org/rpm/redhat-7.x/RPMS/i386/openssh-3.0.1p1-1.i386.rpm . Why doesn't Red Hat just put this RPM into the base system? They might as well give all the newbies out there a more secure system out of the box. That's just my 0.02 cents worth.
-- Jonathan -- H | "Life is the art of drawing without an eraser." - John Gardner +-------------------------------------------------------------------- Jonathan M. Slivko <mailto:[EMAIL PROTECTED]> . 877.211.7842 Director of Internet Operations / SysAdmin . 877.211.7842 Voyager Internet Services . Post Office Box 250167 http://www.voyageri.net ... . . . New York, NY 10025, U.S.A. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rodolfo J. Paiz Sent: Friday, January 25, 2002 11:16 AM To: [EMAIL PROTECTED] Subject: Re: openssh version, scanssh, protocol 2 questions At 1/25/2002 08:26 AM -0500, you wrote: >I know there has been released a newer version of openssh but is my >version up-to-date enough? Can someone explain to me why people use >scanssh and what is going on here? What does retricting to just protocol 2 >do for me? 1. Although I can't speak with authority, I'd be comfortable that 2.9p2 is up-to-date enough since that's the version posted for Red Hat 7.2. 2. People are scanning you to try to crack your machine, then either use it to launch other attacks, or destroy or mangle your system just to prove they can and compensate for needle-dick complex. (Or teeny-tit complex for the females among them.) 3. There have been a couple of flaws found in the SSH-1 protocol that make it unsafe (or less safe) to use, and all of the tools that you use are capable of using the newer SSH-2 protocol. So you are disallowing the older, less safe protocol to make sure you are not vulnerable to those flaws. -- Rodolfo J. Paiz [EMAIL PROTECTED] _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
