I think if you use double authentication (both keys and a password) and put
your SSH server on a different port then you are doing the best you can. You
hope to prevent a 0-day but you cannot fully protect yourself...
James
On Fri, Jul 10, 2009 at 7:06 PM, Rob Townley rob.town...@gmail.com
On Thu, 2009-07-09 at 15:18 -0700, Bill Campbell wrote:
This appeared today on Macworld, an article saying this is
probably a hoax:
http://www.macworld.com/article/141628/2009/07/openssh_securityhoax.html?lsrc=rss_main
Bill
In my iptables setup I have the following rule: (excuse the ugly
Coert Waagmeester wrote:
On Thu, 2009-07-09 at 15:18 -0700, Bill Campbell wrote:
This appeared today on Macworld, an article saying this is
probably a hoax:
http://www.macworld.com/article/141628/2009/07/openssh_securityhoax.html?lsrc=rss_main
Bill
In my iptables setup I have the
Rob Kampen schrieb:
Not really protection - rather a deterrent - it just makes it slower
for the script kiddies that try brute force attacks - they have to
pace themselves to one try per minute rather than one or two per
second. Thus they normally move on to an easier target.
You can also
On 07/10/2009 02:59 PM, Rainer Duffner wrote:
Brute-forcing has long-since started to go distributed, fooling fail2ban
and similar scripts with just 3 or 4 checks per single source-host.
I've never been a big fan of either denyhosts or fail2ban, both of them
are just making it easier for
On Friday 10 July 2009, Rob Kampen wrote:
Coert Waagmeester wrote:
...
it only allows one NEW connection to ssh per minute.
That is also a good protection right?
...
Not really protection - rather a deterrent - it just makes it slower for
the script kiddies that try brute force attacks
On Fri, Jul 10, 2009 at 9:33 AM, Peter Kjellstromc...@nsc.liu.se wrote:
On Friday 10 July 2009, Rob Kampen wrote:
Coert Waagmeester wrote:
...
it only allows one NEW connection to ssh per minute.
That is also a good protection right?
...
Not really protection - rather a deterrent - it
On 08/07/2009, Flaherty, Patrick pflahe...@wsi.com wrote:
is there a security issue on CentOS 5.3 with openssh 4.3? I
ask that cause of
http://www.h-online.com/security/Rumours-of-critical-vulnerabi
lity-in-OpenSSH-in-Red-Hat-Enterprise-Linux--/news/113712
and
This appeared today on Macworld, an article saying this is
probably a hoax:
http://www.macworld.com/article/141628/2009/07/openssh_securityhoax.html?lsrc=rss_main
Bill
--
INTERNET: b...@celestial.com Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/ PO Box 820; 6641 E.
On Tuesday 07 July 2009, Ray Van Dolson wrote:
On Tue, Jul 07, 2009 at 10:31:36PM +0200, Geoff Galitz wrote:
is there a security issue on CentOS 5.3 with openssh 4.3?
If this is a real zero-day exploit.. then yes, there is an issue. The
following link may be the best source of
is there a security issue on CentOS 5.3 with openssh 4.3? I
ask that cause of
http://www.h-online.com/security/Rumours-of-critical-vulnerabi
lity-in-OpenSSH-in-Red-Hat-Enterprise-Linux--/news/113712
and http://secer.org/hacktools/0day-openssh-remote-exploit.html.
Should ssh login from
Hello,
is there a security issue on CentOS 5.3 with openssh 4.3? I ask that
cause of
http://www.h-online.com/security/Rumours-of-critical-vulnerability-in-OpenSSH-in-Red-Hat-Enterprise-Linux--/news/113712
and http://secer.org/hacktools/0day-openssh-remote-exploit.html.
Should ssh login from
is there a security issue on CentOS 5.3 with openssh 4.3?
If this is a real zero-day exploit.. then yes, there is an issue. The
following link may be the best source of information at the moment:
http://isc.sans.org/diary.html?storyid=6742
FWIW, I think the second comment about
On Tue, Jul 07, 2009 at 10:31:36PM +0200, Geoff Galitz wrote:
is there a security issue on CentOS 5.3 with openssh 4.3?
If this is a real zero-day exploit.. then yes, there is an issue. The
following link may be the best source of information at the moment:
Am 07.07.2009 um 22:31 schrieb Geoff Galitz:
is there a security issue on CentOS 5.3 with openssh 4.3?
If this is a real zero-day exploit.. then yes, there is an issue. The
following link may be the best source of information at the moment:
http://isc.sans.org/diary.html?storyid=6742
15 matches
Mail list logo