Re: Is there an openssh security problem?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



> is there a security issue on CentOS 5.3 with openssh 4.3? I 
> ask that cause of
> http://www.h-online.com/security/Rumours-of-critical-vulnerabi
> lity-in-OpenSSH-in-Red-Hat-Enterprise-Linux--/news/113712
> and http://secer.org/hacktools/0day-openssh-remote-exploit.html.
> 
> Should ssh login from internet on CentOS better be disabled?
You should always limit access to sensitive services on a machine.
Remote login should be included in that list. Either limit it by
firewall or in the openssh daemon to certain ips. Even if you can only
limit it to a class c or class a, you've still chopped out a number of
possibly malicious hosts.

Patrick 
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux