[rescue] OT: SSH
Phil Schilling
rescue at sunhelp.org
Sun Dec 23 04:42:10 CST 2001
Kenneth Caruso wrote:
>
> Not recently but almost a year ago. I have noticed an increase in scanning
> for this vulnerability in the past month and personally know a couple of
> people and or companies that have been rooted by this exploit. I am
> guessing its the crc attack, only its finally been stupified/coded to the
> script kiddie level. From my understanding disabiling protocol 1 (as the
> exploit is the protocol 1 code) is a good immediate action to take if you
> cannot upgade/patch right away. I believe post 2.2 of openssh is safe.
>
> Oh heres the notice.
>
> http://securityfocus.com/bid/2347
>
> Ken Caruso
> kenc at seattlewireless.net
> http://ken.ipl31.net
>
> "when in doubt tell the truth" -Mark Twain
>
<snip>
Thanks to all for the answer, and I did find a couple logs with
sshd:your version is too old and is no longer supported.
Phil
--
Phil Schilling
GCS Tech
phils at gcstech.net
More information about the rescue
mailing list