Hi all!
After the woody security fix of ssh (new version 3.4p1-1.1) we cannot
use HostBased Authentication for SSH V.2. There was no change in the
configuration files or the host keys, besides, interestingly the
/etc/ssh/ssh_host_key
(responsible for V.1 authentication, thus uninteresing
Hi Guys,
This might be a longshot, but is there an update for potato? Is it
vulnerable?
I unfortunately still have a few clients running potato boxes. :(
I didnt see anything about potato in the DSA.
On a more general note, is potato still supported by the Security Team?
If not then I will defi
On Tue, Sep 16, 2003 at 09:51:43PM +0200, Matthias Merz wrote:
> So only one problem remains: The version in woody-proposed-updates is
> 1:3.4p1-1.woody.1 which is "newer" than the patched version. So I had to
> manually "downgrade" my proposed-updates-version to get the fix.
> (apt-get dist-upgrad
On Tue, Sep 16, 2003 at 01:10:34PM -0400, Dossy wrote:
> On 2003.09.16, Christian Hammers <[EMAIL PROTECTED]> wrote:
> > The new version has already been installed. This was quick. Good work,
> > security team.
> >
> > openssh (1:3.4p1-1.1) stable-security; urgency=high
> >
> > * NMU by the se
On Tue, Sep 16, 2003 at 05:31:06PM +0200, Christian Hammers wrote:
> The new version has already been installed. This was quick. Good work,
> security team.
>
> openssh (1:3.4p1-1.1) stable-security; urgency=high
>
> * NMU by the security team.
> * Merge patch from OpenBSD to fix a security
Hello there,
Christian Hammers schrieb:
>
> On Tue, Sep 16, 2003 at 04:00:30PM +0100, Thomas Horsten wrote:
> > On Tue, 16 Sep 2003, Alexander Neumann wrote:
> >
> > > According to Wichert, the security team is already working on an update.
>
> The new version has already been installed. This wa
Hi Guys,
This might be a longshot, but is there an update for potato? Is it
vulnerable?
I unfortunately still have a few clients running potato boxes. :(
I didnt see anything about potato in the DSA.
On a more general note, is potato still supported by the Security Team?
If not then I will defi
Hello there,
Christian Hammers schrieb:
>
> On Tue, Sep 16, 2003 at 04:00:30PM +0100, Thomas Horsten wrote:
> > On Tue, 16 Sep 2003, Alexander Neumann wrote:
> >
> > > According to Wichert, the security team is already working on an update.
>
> The new version has already been installed. This wa
Sven Hoexter wrote:
> On Wed, Sep 03, 2003 at 11:20:45AM +0200, Matthias Faulstich wrote:
>
> Hi,
>
>> does anybody know, whether the chroot-patch will be included in
>> future versions of the official ssh package?
> To me it looks like you can do the same thing without patching the
> sshd if you
On Tue, Sep 16, 2003 at 11:59:34AM -0700, TongKe Xue wrote:
> Hello,
Hi,
> On a slightly off topic note, I'm thinking about running an
> ftp/http/ssh server for personal use in college. What precautionary
> measures should I take, or rather can I take? From reading over the
> various Slashdot p
TongKe Xue <[EMAIL PROTECTED]> writes:
> When I read slashdot this morning, I thought the article titled
> "New ssh Exploit in the Wild" implied that an exploit was already out
> ...
Exactly.
> or does "in the Wild" generally mean it's theoretically possible,
> but not necessairly done yet?
N
Sven Hoexter wrote:
> On Wed, Sep 03, 2003 at 11:20:45AM +0200, Matthias Faulstich wrote:
>
> Hi,
>
>> does anybody know, whether the chroot-patch will be included in
>> future versions of the official ssh package?
> To me it looks like you can do the same thing without patching the
> sshd if you
## Jean Charles Delepine ([EMAIL PROTECTED]):
> Same for most boxes here but there seem to be a versioning conflict
> between security update and woody proposed update :
I stumbled over this earlier this year. In short, "proposed-updates
is NOT meant to be added by users." (Martin Schulze).
http:
On Tue, Sep 16, 2003 at 11:59:34AM -0700, TongKe Xue wrote:
> Hello,
Hi,
> On a slightly off topic note, I'm thinking about running an
> ftp/http/ssh server for personal use in college. What precautionary
> measures should I take, or rather can I take? From reading over the
> various Slashdot p
TongKe Xue <[EMAIL PROTECTED]> writes:
> When I read slashdot this morning, I thought the article titled
> "New ssh Exploit in the Wild" implied that an exploit was already out
> ...
Exactly.
> or does "in the Wild" generally mean it's theoretically possible,
> but not necessairly done yet?
N
## Jean Charles Delepine ([EMAIL PROTECTED]):
> Same for most boxes here but there seem to be a versioning conflict
> between security update and woody proposed update :
I stumbled over this earlier this year. In short, "proposed-updates
is NOT meant to be added by users." (Martin Schulze).
http:
* Dossy ([EMAIL PROTECTED]) wrote:
> Eek. So, if we want to run secure systems, we either have to run
> unstable (and all the troubles that comes with) or stable? I find that
Old news... Sorry.
Stephen
pgpvTdoiywATE.pgp
Description: PGP signature
Quoting Dossy ([EMAIL PROTECTED]):
> Eek. So, if we want to run secure systems, we either have to run
> unstable (and all the troubles that comes with) or stable?
The Security Team FAQ addresses this:
http://www.debian.org/security/faq#testing
Q: How is security handled for testing and unsta
Dossy wrote:
On 2003.09.16, Stephen Frost <[EMAIL PROTECTED]> wrote:
Is 3.6.1p2-3 vulnerable? For those of us who want security, must we
downgrade to 3.4p1-1.1 or build from source after patching by hand? Or
will this security fix be applied to sarge as well?
There's at least a version o
* Dossy ([EMAIL PROTECTED]) wrote:
> Eek. So, if we want to run secure systems, we either have to run
> unstable (and all the troubles that comes with) or stable? I find that
Old news... Sorry.
Stephen
pgp0.pgp
Description: PGP signature
Quoting Dossy ([EMAIL PROTECTED]):
> Eek. So, if we want to run secure systems, we either have to run
> unstable (and all the troubles that comes with) or stable?
The Security Team FAQ addresses this:
http://www.debian.org/security/faq#testing
Q: How is security handled for testing and unsta
Dossy wrote:
On 2003.09.16, Stephen Frost <[EMAIL PROTECTED]> wrote:
Is 3.6.1p2-3 vulnerable? For those of us who want security, must we
downgrade to 3.4p1-1.1 or build from source after patching by hand? Or
will this security fix be applied to sarge as well?
There's at least a version on inc
Hello all,
Is there a plan to update ssh-krb5 to handle the new buffer overflow, or is
this already done in 3.4p1-0wood?
Thanks,
David Sayre
Los Alamos National Labs
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hello all,
Is there a plan to update ssh-krb5 to handle the new buffer overflow, or is
this already done in 3.4p1-0wood?
Thanks,
David Sayre
Los Alamos National Labs
Christian Hammers <[EMAIL PROTECTED]> écrivait (wrote) :
> On Tue, Sep 16, 2003 at 04:00:30PM +0100, Thomas Horsten wrote:
> > On Tue, 16 Sep 2003, Alexander Neumann wrote:
> >
> > > According to Wichert, the security team is already working on an update.
> >
> > Is there an emergency patch/work
Christian Hammers <[EMAIL PROTECTED]> écrivait (wrote) :
> On Tue, Sep 16, 2003 at 04:00:30PM +0100, Thomas Horsten wrote:
> > On Tue, 16 Sep 2003, Alexander Neumann wrote:
> >
> > > According to Wichert, the security team is already working on an update.
> >
> > Is there an emergency patch/work
Josh Carroll <[EMAIL PROTECTED]> writes:
> Actually, people have reported that there is an exploit, and in fact
> even OpenBSD is vulnerable.
Yes, I've seen these claims, but you have to keep in mind that not
everyone who posts to mailing lists is entirely honest. 8-)
Early claims such as "*BDDs
On Tue, 16 Sep 2003, Josh Carroll wrote:
> Actually, people have reported that there is an exploit, and in fact
> even OpenBSD is vulnerable.
A number of people have claimed that others have said it is exploitable.
This is quite a common occurance with well publicised exploits.
I've seen no proo
Josh Carroll <[EMAIL PROTECTED]> writes:
> Actually, people have reported that there is an exploit, and in fact
> even OpenBSD is vulnerable.
Yes, I've seen these claims, but you have to keep in mind that not
everyone who posts to mailing lists is entirely honest. 8-)
Early claims such as "*BDDs
Quoting Stephen Frost ([EMAIL PROTECTED]):
> There's at least a version on incoming.debian.org which has the version
> for unstable. I don't know what to tell you about testing/sarge. I'm
> sure it will be in before release but beyond that I've no idea when it
> will make it into testing.
The v
Hello,
I don't really know much about computer security, but I do have ssh
installed on my computer so I'm somewhat concerned, please forgive my
stupidity if I ask questions that seem stupid, ignorant or trivial.
When I read slashdot this morning, I thought the article titled
"New ssh Exploit
On Tue, 16 Sep 2003, Josh Carroll wrote:
> Actually, people have reported that there is an exploit, and in fact
> even OpenBSD is vulnerable.
A number of people have claimed that others have said it is exploitable.
This is quite a common occurance with well publicised exploits.
I've seen no proo
On 2003.09.16, Stephen Frost <[EMAIL PROTECTED]> wrote:
> > Is 3.6.1p2-3 vulnerable? For those of us who want security, must we
> > downgrade to 3.4p1-1.1 or build from source after patching by hand? Or
> > will this security fix be applied to sarge as well?
>
> There's at least a version on inc
* Ted Roby ([EMAIL PROTECTED]) [030916 19:05]:
> Does this vulnerability require a login? Is a system safe if it does not
> allow root login, and password logins?
No. (And: The patch is uploaded to stable-security, and to unstable,
so just upgrade.)
Cheers,
Andi
--
http://home.arcor.de/andre
Quoting Stephen Frost ([EMAIL PROTECTED]):
> There's at least a version on incoming.debian.org which has the version
> for unstable. I don't know what to tell you about testing/sarge. I'm
> sure it will be in before release but beyond that I've no idea when it
> will make it into testing.
The v
Hello,
I don't really know much about computer security, but I do have ssh
installed on my computer so I'm somewhat concerned, please forgive my
stupidity if I ask questions that seem stupid, ignorant or trivial.
When I read slashdot this morning, I thought the article titled
"New ssh Exploit
On 2003.09.16, Stephen Frost <[EMAIL PROTECTED]> wrote:
> > Is 3.6.1p2-3 vulnerable? For those of us who want security, must we
> > downgrade to 3.4p1-1.1 or build from source after patching by hand? Or
> > will this security fix be applied to sarge as well?
>
> There's at least a version on inc
* Ted Roby ([EMAIL PROTECTED]) [030916 19:05]:
> Does this vulnerability require a login? Is a system safe if it does not
> allow root login, and password logins?
No. (And: The patch is uploaded to stable-security, and to unstable,
so just upgrade.)
Cheers,
Andi
--
http://home.arcor.de/andre
On Tue, Sep 16, 2003 at 07:29:33PM +0200, Jan Niehusmann wrote:
> On Tue, Sep 16, 2003 at 01:10:34PM -0400, Dossy wrote:
> > Is 3.6.1p2-3 vulnerable? For those of us who want security, must we
> > downgrade to 3.4p1-1.1 or build from source after patching by hand? Or
> > will this security fix be
* Dossy ([EMAIL PROTECTED]) wrote:
> On 2003.09.16, Christian Hammers <[EMAIL PROTECTED]> wrote:
> > The new version has already been installed. This was quick. Good work,
> > security team.
> >
> > openssh (1:3.4p1-1.1) stable-security; urgency=high
> >
> > * NMU by the security team.
> > *
Actually, people have reported that there is an exploit, and in fact even
OpenBSD is vulnerable.
I would still patch ASAP. Best not to risk it.
It's probably a matter of time before a widely available exploit is released.
Right now it seems
it's in the hands of a select few, but that will proba
On Tue, Sep 16, 2003 at 01:10:34PM -0400, Dossy wrote:
> Is 3.6.1p2-3 vulnerable? For those of us who want security, must we
> downgrade to 3.4p1-1.1 or build from source after patching by hand? Or
> will this security fix be applied to sarge as well?
I guess the patch will apply to sarge as wel
Ted Roby <[EMAIL PROTECTED]> writes:
> Does this vulnerability require a login? Is a system safe if it does not
> allow root login, and password logins?
Nobody knows the answer at the moment. There isn't any obvious way to
exploit the overflow (mind that the attacker cannot write arbitrary
data,
On 2003.09.16, Christian Hammers <[EMAIL PROTECTED]> wrote:
> The new version has already been installed. This was quick. Good work,
> security team.
>
> openssh (1:3.4p1-1.1) stable-security; urgency=high
>
> * NMU by the security team.
> * Merge patch from OpenBSD to fix a security problem
> > does anybody know, whether the chroot-patch will be included in future
> > versions of the official ssh package?
What does this patch do?
Voodooman
On Tue, Sep 16, 2003 at 07:29:33PM +0200, Jan Niehusmann wrote:
> On Tue, Sep 16, 2003 at 01:10:34PM -0400, Dossy wrote:
> > Is 3.6.1p2-3 vulnerable? For those of us who want security, must we
> > downgrade to 3.4p1-1.1 or build from source after patching by hand? Or
> > will this security fix be
* Dossy ([EMAIL PROTECTED]) wrote:
> On 2003.09.16, Christian Hammers <[EMAIL PROTECTED]> wrote:
> > The new version has already been installed. This was quick. Good work,
> > security team.
> >
> > openssh (1:3.4p1-1.1) stable-security; urgency=high
> >
> > * NMU by the security team.
> > *
Actually, people have reported that there is an exploit, and in fact even OpenBSD is
vulnerable.
I would still patch ASAP. Best not to risk it.
It's probably a matter of time before a widely available exploit is released. Right
now it seems
it's in the hands of a select few, but that will proba
On Tue, 16 Sep 2003, Steve Suehring wrote:
> Nice job to debian security team again.
Indeed. The level of commitment routinely shown by the folks on the
security team is nothing short of astounding.
On Tuesday, Sep 16, 2003, at 08:34 US/Pacific, Andreas Barth wrote:
* Thomas Horsten ([EMAIL PROTECTED]) [030916 17:32]:
Is there an emergency patch/workaround for this, if disabling ssh is
not
an option? Are systems with Privilege Separation affected?
Filtering access to allow only trusted
Mental Patient <[EMAIL PROTECTED]> [2003:09:16:10:22:01-0400] scribed:
> see tinyurl.com/nios
>
> Sorry if this is a rehash, but I dont recall seeing a discussion and I'd
> really like to think my stable boxes are safe :)
>
> I know several people that are being attacked/had to patch ssh/filter
On Tue, 16 Sep 2003, Steve Suehring wrote:
> Actually, there is a patch for buffer.c:
> http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/buffer.c.diff?r1=1.1.1.6&r2=1.1.1.7&f=h
>
> I've applied that patch to woody's ssh source, rebuilt it, and installed
> it on a number of servers already.
On Wed, Sep 03, 2003 at 11:20:45AM +0200, Matthias Faulstich wrote:
> Hello,
>
> does anybody know, whether the chroot-patch will be included in future
> versions of the official ssh package?
Very unlikely unless you get it accepted by upstream. Doing this is the
right thing to do anyway.
--
C
On Fri, Sep 12, 2003 at 03:47:32PM +0300, Juha J?ykk? wrote:
> It seems I have managed to hit the ages-old problem of not being able to
> enforce changing of expired passwords when logging in via ssh.
>
> This problem existed years ago in potato but I cannot seem to find any
> mention of its exist
On Tue, Sep 16, 2003 at 04:49:19PM +0100, Thomas Horsten wrote:
> Thanks, apt-get upgrade worked for me. I guess we'll find out soon enough
> if it was the correct patch...
>
> Good work on getting it integrated so quickly!
Heh. I can't take any credit for this. That's the work of the debian
s
* Thomas Horsten ([EMAIL PROTECTED]) [030916 17:32]:
> Is there an emergency patch/workaround for this, if disabling ssh is not
> an option? Are systems with Privilege Separation affected?
Filtering access to allow only trusted machines. But please remember:
Each allowed machine could exploit your
On Tue, Sep 16, 2003 at 04:00:30PM +0100, Thomas Horsten wrote:
> Is there an emergency patch/workaround for this, if disabling ssh is not
> an option? Are systems with Privilege Separation affected?
There's already a new package on security.debian.org. I can't
vouch for it myself, but here's the
On Tue, Sep 16, 2003 at 01:10:34PM -0400, Dossy wrote:
> Is 3.6.1p2-3 vulnerable? For those of us who want security, must we
> downgrade to 3.4p1-1.1 or build from source after patching by hand? Or
> will this security fix be applied to sarge as well?
I guess the patch will apply to sarge as wel
On Maw, 2003-09-16 at 16:26, Michael Stone wrote:
> On Tue, Sep 16, 2003 at 04:00:30PM +0100, Thomas Horsten wrote:
> >Is there an emergency patch/workaround for this, if disabling ssh is not
> >an option?
>
> No.
You could install Openssh 3.7 manually, or apply the patch mentioned at
http://www
On Tue, Sep 16, 2003 at 11:26:52AM -0400, Michael Stone wrote:
> On Tue, Sep 16, 2003 at 04:00:30PM +0100, Thomas Horsten wrote:
> >Is there an emergency patch/workaround for this, if disabling ssh is not
> >an option?
>
> No.
>
Actually, there is a patch for buffer.c:
http://www.freebsd.org/cg
Ted Roby <[EMAIL PROTECTED]> writes:
> Does this vulnerability require a login? Is a system safe if it does not
> allow root login, and password logins?
Nobody knows the answer at the moment. There isn't any obvious way to
exploit the overflow (mind that the attacker cannot write arbitrary
data,
On Tue, Sep 16, 2003 at 04:00:30PM +0100, Thomas Horsten wrote:
> On Tue, 16 Sep 2003, Alexander Neumann wrote:
>
> > According to Wichert, the security team is already working on an update.
>
> Is there an emergency patch/workaround for this, if disabling ssh is not
> an option? Are systems with
On Tue, Sep 16, 2003 at 04:00:30PM +0100, Thomas Horsten wrote:
Is there an emergency patch/workaround for this, if disabling ssh is not
an option?
No.
Are systems with Privilege Separation affected?
Yes, as far as I know.
Mike Stone
On 2003.09.16, Christian Hammers <[EMAIL PROTECTED]> wrote:
> The new version has already been installed. This was quick. Good work,
> security team.
>
> openssh (1:3.4p1-1.1) stable-security; urgency=high
>
> * NMU by the security team.
> * Merge patch from OpenBSD to fix a security problem
On Tue, 16 Sep 2003, Alexander Neumann wrote:
> According to Wichert, the security team is already working on an update.
Is there an emergency patch/workaround for this, if disabling ssh is not
an option? Are systems with Privilege Separation affected?
Thanks,
Thomas
> > does anybody know, whether the chroot-patch will be included in future
> > versions of the official ssh package?
What does this patch do?
Voodooman
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Hi,
Mental Patient wrote:
> see tinyurl.com/nios
>
> Sorry if this is a rehash, but I dont recall seeing a discussion and I'd
> really like to think my stable boxes are safe :)
>
> I know several people that are being attacked/had to patch ssh/filter
> traffic.
According to Wichert, the secur
On Tue, 16 Sep 2003, Steve Suehring wrote:
> Nice job to debian security team again.
Indeed. The level of commitment routinely shown by the folks on the
security team is nothing short of astounding.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Cont
On Tuesday, Sep 16, 2003, at 08:34 US/Pacific, Andreas Barth wrote:
* Thomas Horsten ([EMAIL PROTECTED]) [030916 17:32]:
Is there an emergency patch/workaround for this, if disabling ssh is
not
an option? Are systems with Privilege Separation affected?
Filtering access to allow only trusted machi
Mental Patient <[EMAIL PROTECTED]> [2003:09:16:10:22:01-0400] scribed:
> see tinyurl.com/nios
>
> Sorry if this is a rehash, but I dont recall seeing a discussion and I'd
> really like to think my stable boxes are safe :)
>
> I know several people that are being attacked/had to patch ssh/filter
On Tue, 16 Sep 2003, Steve Suehring wrote:
> Actually, there is a patch for buffer.c:
> http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/buffer.c.diff?r1=1.1.1.6&r2=1.1.1.7&f=h
>
> I've applied that patch to woody's ssh source, rebuilt it, and installed
> it on a number of servers already.
On Wed, Sep 03, 2003 at 11:20:45AM +0200, Matthias Faulstich wrote:
> Hello,
>
> does anybody know, whether the chroot-patch will be included in future
> versions of the official ssh package?
Very unlikely unless you get it accepted by upstream. Doing this is the
right thing to do anyway.
--
C
On Fri, Sep 12, 2003 at 03:47:32PM +0300, Juha J?ykk? wrote:
> It seems I have managed to hit the ages-old problem of not being able to
> enforce changing of expired passwords when logging in via ssh.
>
> This problem existed years ago in potato but I cannot seem to find any
> mention of its exist
see tinyurl.com/nios
Sorry if this is a rehash, but I dont recall seeing a discussion and I'd
really like to think my stable boxes are safe :)
I know several people that are being attacked/had to patch ssh/filter
traffic.
--
Mental ([EMAIL PROTECTED])
"The Torah... The Gospels... The
On Tue, Sep 16, 2003 at 04:49:19PM +0100, Thomas Horsten wrote:
> Thanks, apt-get upgrade worked for me. I guess we'll find out soon enough
> if it was the correct patch...
>
> Good work on getting it integrated so quickly!
Heh. I can't take any credit for this. That's the work of the debian
s
* Thomas Horsten ([EMAIL PROTECTED]) [030916 17:32]:
> Is there an emergency patch/workaround for this, if disabling ssh is not
> an option? Are systems with Privilege Separation affected?
Filtering access to allow only trusted machines. But please remember:
Each allowed machine could exploit your
On Tue, Sep 16, 2003 at 11:26:52AM -0400, Michael Stone wrote:
> On Tue, Sep 16, 2003 at 04:00:30PM +0100, Thomas Horsten wrote:
> >Is there an emergency patch/workaround for this, if disabling ssh is not
> >an option?
>
> No.
>
Actually, there is a patch for buffer.c:
http://www.freebsd.org/cg
On Tue, Sep 16, 2003 at 04:00:30PM +0100, Thomas Horsten wrote:
> Is there an emergency patch/workaround for this, if disabling ssh is not
> an option? Are systems with Privilege Separation affected?
There's already a new package on security.debian.org. I can't
vouch for it myself, but here's the
On Maw, 2003-09-16 at 16:26, Michael Stone wrote:
> On Tue, Sep 16, 2003 at 04:00:30PM +0100, Thomas Horsten wrote:
> >Is there an emergency patch/workaround for this, if disabling ssh is not
> >an option?
>
> No.
You could install Openssh 3.7 manually, or apply the patch mentioned at
http://www
On Tue, Sep 16, 2003 at 04:00:30PM +0100, Thomas Horsten wrote:
> On Tue, 16 Sep 2003, Alexander Neumann wrote:
>
> > According to Wichert, the security team is already working on an update.
>
> Is there an emergency patch/workaround for this, if disabling ssh is not
> an option? Are systems with
On Tue, Sep 16, 2003 at 04:00:30PM +0100, Thomas Horsten wrote:
Is there an emergency patch/workaround for this, if disabling ssh is not
an option?
No.
Are systems with Privilege Separation affected?
Yes, as far as I know.
Mike Stone
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject
On Tue, 16 Sep 2003, Alexander Neumann wrote:
> According to Wichert, the security team is already working on an update.
Is there an emergency patch/workaround for this, if disabling ssh is not
an option? Are systems with Privilege Separation affected?
Thanks,
Thomas
--
To UNSUBSCRIBE, email
Hi,
Mental Patient wrote:
> see tinyurl.com/nios
>
> Sorry if this is a rehash, but I dont recall seeing a discussion and I'd
> really like to think my stable boxes are safe :)
>
> I know several people that are being attacked/had to patch ssh/filter
> traffic.
According to Wichert, the secur
see tinyurl.com/nios
Sorry if this is a rehash, but I dont recall seeing a discussion and I'd
really like to think my stable boxes are safe :)
I know several people that are being attacked/had to patch ssh/filter
traffic.
--
Mental ([EMAIL PROTECTED])
"The Torah... The Gospels... The Kor
84 matches
Mail list logo