Thank you all for you attention! This helps me a lot. :-)
On Mon, 20 Dec 2004 18:12:21 -0600, Kevin <[EMAIL PROTECTED]> wrote: > Nobody sitting on exploits for the current version of OpenSSH will > share them in public. > > Of the available SSH servers, OpenSSH (if you deploy the latest > version, with the latest OpenSSL library, and upgrade when new > versions come out for either OpenSSL or OpenSSH) is the least likely > to have remote exploits. > > The most secure deployment of OpenSSH is to run OpenSSH on OpenBSD on > an architecture with W^X hardware support (Sparc/Sparc64/AMD64). > > Personally, I would be nervous about having a SSH listener on TCP/22 > accessible from any Internet IP that cares to connect. You might > consider putting your server behind some sort of IPSEC VPN if you are > feeling paranoid. > > Kevin > > > On Sat, 18 Dec 2004 01:49:39 -0200, Carlos de Oliveira > <[EMAIL PROTECTED]> wrote: > > Hi there! > > > > I am going to install OpenSSH in one of my servers, but I want to make > > sure it is secure. > > Does anybody know about vulnerabilites on OpenSSH, if yes, would you > > like to suggest me another remote secure shell ? > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
