On Wed, Jul 8, 2009 at 11:38 AM, Norbert Preining <prein...@logic.at> wrote:
> On Mi, 08 Jul 2009, Leandro Minatel wrote: > > Right you are!, but, don't forget that there are more than 65500 ports to > > ??? Are you talking about trying the exploit on every single port? Then > they would really be stupid. Calling nmap makes that much faster. > > No the code must be fixed if there is a hole, nothing else helps but > turing off ssh. > > Best wishes > > Norbert > > > ------------------------------------------------------------------------------- > Dr. Norbert Preining <prein...@logic.at> Vienna University of > Technology > Debian Developer <prein...@debian.org> Debian TeX > Group > gpg DSA: 0x09C5B094 fp: 14DF 2E6C 0307 BE6D AD76 A9C0 D2BF 4AA3 09C5 > B094 > > ------------------------------------------------------------------------------- > LUSBY (n.) > The fold of flesh pushing forward over the top of a bra which is too > small for the lady inside it. > --- Douglas Adams, The Meaning of Liff > > > -- > To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact > listmas...@lists.debian.org > > No, of course not. Maybe I expressed myself "not in a proper way", sorry, english is not my natural language. AFAIK, nmap, by default, scan ports from 1 to 1024 and those listed in nmap-services. This allows me to "hide" ssh-server for the majority of mortals. BTW, I agree with you, the code must be fixed, no doubt at all. Regards Leandro
