Re: 0Day?

 Let's follow the thread...

 http://lwn.net/Articles/340483/

 Regards,

 Jacson


On Tue, Jul 7, 2009 at 22:28, Sujith M K<sujithmk@xxxxxxxxx> wrote:
> Ref Link :  http://secer.org/hacktools/0day-openssh-remote-exploit.html
>
> Secure the sshd of your customer's servers ASAP by following
> at least the following steps.
>
> 1) Change Default SSH Port
> 2) Disable Direct Root Login
> 3) Disable common wheel users like admin. Use a hard-to-guess wheel username.
> 4) Disable shell access for all customers.
> 5) If possible, allow access to SSH only from Bobcares and the customer's
> IP address (use a firewall and the hosts.{allow,deny} files to do this).
>
> Steps 1, 2 and 3 make it hard for the users to guess the ssh port and wheel username.
> Step 4 prevents user accounts from getting hacked.
> Step 5 makes it almost 100% foolproof unless someone from own network
> or the client's network tries to hack.
>
> Regards
> Sujith
>
>
> On Tue, Jul 7, 2009 at 8:09 PM, Jon Kibler<Jon.Kibler@xxxxxxxx> wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> Anyone with any solid knowledge regarding a new SSH 0-day?
>>
>> Something other than rumors/blog post saying there might be one?
>>
>> TIA for info!
>>
>> Jon K
>> - --
>> Jon R. Kibler
>> Chief Technical Officer
>> Advanced Systems Engineering Technology, Inc.
>> Charleston, SC  USA
>> o: 843-849-8214
>> c: 843-813-2924 (NEW!)
>> s: 843-564-4224
>> http://www.linkedin.com/in/jonrkibler
>>
>> My PGP Fingerprint is:
>> BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253
>>
>>
>> -----BEGIN PGP SIGNATURE-----
>> Version: GnuPG v1.4.8 (Darwin)
>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>>
>> iEYEARECAAYFAkpTXhUACgkQUVxQRc85QlOPXwCcCTai1YVSKRc0NBBo6y6JxJ/Q
>> 3KsAmwRZRXsz6AblpgCciRwVmPf+941p
>> =k/ju
>> -----END PGP SIGNATURE-----
>>
>
>
>
> --
> Sujith Mohan k
>
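
The sshd_config side of steps 1, 2, 3 and 5 in the quoted message can be checked mechanically. The script below is an added example, not part of the thread: the list of guessable names and both sample configurations are constructed, and an unset PermitRootLogin is reported because its default differs between OpenSSH versions.

```python
"""Added example: audit sshd_config text against steps 1, 2, 3 and 5."""

COMMON_NAMES = {"root", "admin", "administrator", "test", "user"}  # assumed list

def parse_global(text):
    """Return {keyword: [args, ...]} for directives before the first Match block."""
    opts = {}
    for raw in text.splitlines():
        parts = raw.split()
        if not parts or parts[0].startswith("#"):
            continue
        if parts[0].lower() == "match":   # conditional overrides; not global policy
            break
        opts.setdefault(parts[0].lower(), []).append(parts[1:])
    return opts

def audit(text):
    """Return a list of findings; an empty list means all four checks pass."""
    opts = parse_global(text)
    ports = [a[0] for a in opts.get("port", []) if a] or ["22"]   # 22 when unset
    # sshd uses the first value it reads for a keyword such as PermitRootLogin.
    root = next((a[0] for a in opts.get("permitrootlogin", []) if a), "unset")
    allow = [p for args in opts.get("allowusers", []) for p in args]
    findings = []
    if "22" in ports:
        findings.append("step 1: listening on default port 22")
    if root.lower() != "no":
        findings.append(f"step 2: PermitRootLogin is {root}, not 'no'")
    if not allow:
        findings.append("steps 3 and 5: no AllowUsers restriction")
    for pattern in allow:
        user, _, host = pattern.partition("@")
        if user.lower() in COMMON_NAMES:
            findings.append(f"step 3: guessable login name '{user}' is allowed")
        if not host:
            findings.append(f"step 5: '{pattern}' is not tied to a source address")
    return findings

# Constructed samples (documentation addresses, made-up user name).
WEAK = """# constructed sample
Port 22
PermitRootLogin yes
AllowUsers admin
Match Address 192.0.2.0/24
    PermitRootLogin no
"""
HARDENED = """Port 2202
PermitRootLogin no
AllowUsers opsk7q@192.0.2.10 opsk7q@198.51.100.0/24
"""
```

Step 4 (login shells) and the firewall or hosts.{allow,deny} half of step 5 live outside sshd_config and are not covered by this check.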

