SSH attacks ?
Tobias Speckbacher
TSpeckbacher at quova.com
Thu Sep 16 21:38:50 UTC 2004
> -----Original Message-----
> From: redhat-list-bounces at redhat.com [mailto:redhat-list-
> bounces at redhat.com] On Behalf Of Benjamin J. Weiss
> Sent: Thursday, September 16, 2004 11:13 AM
> To: jeff at virgin.net; General Red Hat Linux discussion list
> Subject: Re: SSH attacks ?
>
> On Thu, 16 Sep 2004, Jeff wrote:
> > Just to follow on from this - does OpenSSH 3.6.1p2 have a serious
vuln.
> that I dont know about? Anyone got a link?
> >
> > Jeff
check http://www.openssh.com/security.html on a regular basis and yer
set.
-Tobias
> >
>
> You can do a google, or check out the rpm change log for openssh. I'm
not
> sure about specific vulnerabiliies on specific versions (I just ensure
> that I'm always patched), but I *do* know that version 1 of the ssh
> protocol is seriously flawed, and that it's enabled by default on RH
> installations. You need to edit /etc/ssh/sshd_config and modify the
> Protocol line to only have Protocol 2.
>
> Piece of trivia: In the second Matrix movie, you'll see Trinity hack
into
> a computer. She uses a known exploit of the ssh v1 protocol to do it.
:)
>
> Ben
>
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
More information about the redhat-list
mailing list