[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: openssh 3.1 & www.openbsd.org

To: Alex de Joode <usura@zedz.net>
Subject: Re: openssh 3.1 & www.openbsd.org
From: Hugo Villeneuve <hugo_villeneuve@yahoo.com>
Date: Fri, 8 Mar 2002 16:14:46 -0500
Cc: misc@openbsd.org
Content-Disposition: inline
References: <20020308155333.A26806@outpost.zedz.net>
User-Agent: Mutt/1.2.5i

Currently, the net is being actively scanned for linux server an
running OpenSSH with the CRC-32 remote hole and thus protocol 1
support.

I don't know if the currently running exploits attacks succesfully
OpenBSD servers but the kits are quite efficient for Linux [of
course, those script kiddies are completly lost when their
RedHat/Mandrake scripts doesn't work].

That bug was fixed in OpenBSD 2.8 and up.

And in 2.6 and 2.7, because of the RSA patent, the librairies needed
to run SSH with RSA and protocol 1 support where not included in
the _default_ install.

Funny I guess.


-- 
Hugo Villeneuve <hugo_villeneuve@yahoo.com>
http://EINTR.net/

References:
- openssh 3.1 & www.openbsd.org
  - From: Alex de Joode <usura@zedz.net>

Prev by Date: Re: Upgrading 3.0 to -current problems
Next by Date: Re: Upgrading 3.0 to -current problems
Prev by thread: Re: openssh 3.1 & www.openbsd.org
Next by thread: Re: openssh 3.1 & www.openbsd.org
Index(es):
- Date
- Thread