House of Hackers

mindcorrosive

OpenSSH bashing

Posted by mindcorrosive on May 13, 2008 at 8:12pm

Previous Post  |  Next Post View Blog Posts

Ah, just great.. It seems that OpenSSH is the word of the day, if you are security-concerned, and sporting a Debian-derivative.. Now I have to update manually the server, the laptop, and to change the security keys.. I really don't feel like checking if they are vulnerable or not, with my luck today I know what the result will be. First time I see such a serious security advisory, and a lengthy solution from Debian. And, of course, I have to warn all my users about the key changes, and to explain why that has to be done.. Admin work is just plain boring..

Tags: debian, ssh, vulnerability

2 Comments

CG1980 Comment by CG1980 on May 14, 2008 at 9:37am
Better change the default SSH port of 22 to something different (>10k) to evade automatic portscans...
mindcorrosive Comment by mindcorrosive on May 14, 2008 at 10:30am
yeah, I'm doing this every time I install the ssh-server, but still I felt like bashing around for this security hole big as a Cadilac Eldorado. :)

Add a Comment

You need to be a member of House of Hackers to add comments!

Join this network

RSS

About House of Hackers

Petko D. (pdp) Petkov Petko D. (pdp) Petkov created this social network on Ning.

Create your own social network!

© 2008   Created by Petko D. (pdp) Petkov on Ning.   Create your own social network

Report an Issue  |  Feedback  |  Privacy  |  Terms of Service