On Thu, 29 Jul 2004, Stefan Janecek wrote: > The compromised machine was running an old debian woody installation > which had not been upgraded for at least one year, the sshd version > string says 'OpenSSH_3.6.1p2 Debian 1:3.6.1p2-10'
But that was not the default debian woody sshd ? Woody has this one : SSH-2.0-OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
