Hi, thanks for this information! I just hope that this is a hoax. What would you suggest for securing a server running openSSH? How can I notice such an attack in my log files?
Cheers ________________________________________ Kontaktinformationen clem...@csrv.at www.cdev.at 2009/7/7 Henrique de Moraes Holschuh <h...@debian.org> > As usual, you may want to either raise shields (i.e. disable/restrict > access > to the ssh service), or pay extra attention to what is happening on your > SSH > inbound gateways... > > http://lwn.net/Articles/340360/ > http://isc.sans.org/diary.html?storyid=6742 > http://secer.org/hacktools/0day-openssh-remote-exploit.html > > Yes, it could be a hoax, and I sure hope that's all it is... > > -- > "One disk to rule them all, One disk to find them. One disk to bring > them all and in the darkness grind them. In the Land of Redmond > where the shadows lie." -- The Silicon Valley Tarot > Henrique Holschuh > > > -- > To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact > listmas...@lists.debian.org > >
