[ On Thursday, October 12, 2000 at 10:00:10 (-0600), dreamwvr wrote: ]
> Subject: Re: Mandrake ssh security alert
>
> Actually any version of ssh 1.2 or less as well as openssh 1.21 or less..

Indeed, but the really important thing to remember is that doing
*anything* with a compromised server, let alone SSH'ing into it, is very
risky business indeed.

If you have some automated job running "scp" or "ssh" and you don't have
good strong intrusion detection facilities to protect the server (which
would make it at least possible to stop the automated job before it
allowed any propagation of the attack) then you're taking massive risks
already.

Any SSH server trusting a compromised client is in even worse shape, and
if you agree with Bruce Schneier (or me! ;-) then you'll know there is
no such thing as "trusted client software"! :-)

--
Greg A. Woods
+1 416 218-0098 VE3TCP <[EMAIL PROTECTED]> <robohack!woods>
Planix, Inc. <[EMAIL PROTECTED]>; Secrets of the Weird <[EMAIL PROTECTED]>