Re: [gentoo-user] how can i tell if a daemon has been patched?
Greg Bolshaw wrote:
> Nessus *does* check the version string, but only to provide it for your information. It will try to exploit all known bugs in sshd. In my opinion, this is the only way to be certain you're not vulnerable. Search for ssh at http://cgi.nessus.org/plugins/search.html to see a list of the vulns that will be identified.

been there, done that. This is what nessus.org has to say:

---snipp---
Note that several distribution patched this hole without changing the version number of OpenSSH. Since Nessus solely relied on the banner of the remote SSH server to perform this check, this might be a false positive.
---snipp---

bye, Christoph

--
[EMAIL PROTECTED] mailing list
Re: [gentoo-user] how can i tell if a daemon has been patched?
On Tue, 2004-01-13 at 20:11, gabriel wrote:
> i'm working on a linux box here @work that's running a little-known distro called neos and i'm trying to determine if the ssh daemon that's running on it is free of all the scary bugs that have appeared over the last year.

Probably best to install Nessus (http://www.nessus.org/) or similar and scan for vulns in the SSH daemon.

--
Kind regards Greg Bolshaw Consultant Linux Technologies http://www.linuxtechnologies.co.uk/
Re: [gentoo-user] how can i tell if a daemon has been patched?
On Wed, 2004-01-14 at 11:49, Greg Bolshaw wrote:
> On Tue, 2004-01-13 at 20:11, gabriel wrote:
> > i'm working on a linux box here @work that's running a little-known distro called neos and i'm trying to determine if the ssh daemon that's running on it is free of all the scary bugs that have appeared over the last year.
>
> Probably best to install Nessus (http://www.nessus.org/) or similar and scan for vulns in the SSH daemon.

Nessus only checks the version string to check if a daemon is vulnerable. Some distros have backported fixes, so they appear to run a vulnerable version when they are not.

--
Guy Van Sanden http://unixmafia.port5.com Registered Linux user #249404 - September 1997
Re: [gentoo-user] how can i tell if a daemon has been patched?
Nessus is a nice util for security testing, maybe the best around. But if you just wanna know if that sshd is vulnerable do a ssh -V and look for the result, the secure version is 3.7.1p2. Also there is a list for gentoo-servers if you are interested.

> On Tue, 2004-01-13 at 20:11, gabriel wrote:
> > i'm working on a linux box here @work that's running a little-known distro called neos and i'm trying to determine if the ssh daemon that's running on it is free of all the scary bugs that have appeared over the last year.
>
> Probably best to install Nessus (http://www.nessus.org/) or similar and scan for vulns in the SSH daemon.
>
> --
> Kind regards Greg Bolshaw Consultant Linux Technologies http://www.linuxtechnologies.co.uk/
Re: [gentoo-user] how can i tell if a daemon has been patched?
On Wed, 2004-01-14 at 11:08, Guy Van Sanden wrote:
> On Wed, 2004-01-14 at 11:49, Greg Bolshaw wrote:
> > On Tue, 2004-01-13 at 20:11, gabriel wrote:
> > > i'm working on a linux box here @work that's running a little-known distro called neos and i'm trying to determine if the ssh daemon that's running on it is free of all the scary bugs that have appeared over the last year.
> >
> > Probably best to install Nessus (http://www.nessus.org/) or similar and scan for vulns in the SSH daemon.
>
> Nessus only checks the version string to check if a daemon is vulnerable.

Nessus *does* check the version string, but only to provide it for your information. It will try to exploit all known bugs in sshd. In my opinion, this is the only way to be certain you're not vulnerable. Search for ssh at http://cgi.nessus.org/plugins/search.html to see a list of the vulns that will be identified.

--
Kind regards Greg Bolshaw Consultant Linux Technologies http://www.linuxtechnologies.co.uk/
[gentoo-user] how can i tell if a daemon has been patched?
i'm working on a linux box here @work that's running a little-known distro called neos and i'm trying to determine if the ssh daemon that's running on it is free of all the scary bugs that have appeared over the last year. typing sshd -v gives me this:

# sshd -v
sshd: illegal option -- v
sshd version OpenSSH_3.0.2p1
Usage: sshd [options]
...

and since i'm running OpenSSH_3.7.1p2 on my gentoo system, i wonder if the above is patched for all the holes. how can i tell?

--
the hottest places in hell are reserved for those who in times of great moral crises maintain their neutrality. - dante aleghieri (1265-1321)
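Added example, not part of any message in this thread: a Python sketch of the version-string check the replies discuss, run over the `sshd -v` output from the original post and compared with the 3.7.1p2 release that one reply names as the secure version. The function names and the two extra banners are constructed for illustration; an older string is reported as inconclusive because, as the Nessus note quoted in the thread says, distributions patched without changing the version number.

```python
import re

# Release one reply in the thread names as the secure version.
FIXED = "OpenSSH_3.7.1p2"

_VERSION = re.compile(r"OpenSSH_(\d+)\.(\d+)(?:\.(\d+))?(?:p(\d+))?")


def parse_openssh(text):
    """Return (major, minor, patch, portable) found in a banner or in
    `sshd -v` output, or None when no OpenSSH version string is present."""
    m = _VERSION.search(text)
    if m is None:
        return None
    return tuple(int(g) if g else 0 for g in m.groups())


def banner_verdict(text, fixed=FIXED):
    """Classify a version string without claiming more than it can show."""
    found = parse_openssh(text)
    if found is None:
        return "unknown"  # banner hidden, altered, or not OpenSSH
    if found >= parse_openssh(fixed):
        return "at-or-above-fixed-release"
    # An older string is not proof of a hole: a distribution may have
    # backported the fix and left the version untouched. Confirm against
    # the vendor's advisories or package changelog (assumed next step).
    return "inconclusive-older-banner"


# Output quoted in the original post.
SSHD_V_OUTPUT = """sshd: illegal option -- v
sshd version OpenSSH_3.0.2p1
Usage: sshd [options]"""

# Constructed samples: a network identification string and a non-OpenSSH one.
CONSTRUCTED = ["SSH-2.0-OpenSSH_3.7.1p2", "SSH-1.99-ExampleSSHD_1.0"]

if __name__ == "__main__":
    for sample in [SSHD_V_OUTPUT] + CONSTRUCTED:
        print(parse_openssh(sample), banner_verdict(sample))
```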
Re: [gentoo-user] how can i tell if a daemon has been patched?
Check the OpenSSH web site.

> From: gabriel [EMAIL PROTECTED]
> Date: 2004/01/13 Tue PM 03:11:36 EST
> To: [EMAIL PROTECTED]
> Subject: [gentoo-user] how can i tell if a daemon has been patched?
>
> i'm working on a linux box here @work that's running a little-known distro called neos and i'm trying to determine if the ssh daemon that's running on it is free of all the scary bugs that have appeared over the last year. typing sshd -v gives me this:
>
> # sshd -v
> sshd: illegal option -- v
> sshd version OpenSSH_3.0.2p1
> Usage: sshd [options]
> ...
>
> and since i'm running OpenSSH_3.7.1p2 on my gentoo system, i wonder if the above is patched for all the holes. how can i tell?
>
> --
> the hottest places in hell are reserved for those who in times of great moral crises maintain their neutrality. - dante aleghieri (1265-1321)