hey: Jeff Newmiller wrote:
> On Sun, 27 Jan 2002, John Desmond wrote: > > > I just picked the following off my ESbeta2 a few > > minutes ago. It claims a "crc32 compensation attack" > > was made against it. It went on for about 1/2 hour. Is > > it significant that the source port changes with every > > connection attempt? > > I have sshd set up to receive connections from two > > external IPs (EXTERN_TCP_PORTS="0/0_ssh <2 locations>" Doesn't "0/0_ssh mean that the whole world can connect to port 22 not just two hosts? Glenn > > > and hosts.allow is ALL:192.168.1.0/255.255.255.0,<2 > > locations>) and this isn't one of them. Are there any > > extra steps I should take to protect my internal home > > network? > > DENY all port 22 access through the external interface until you have > confirmed that you are not vulnerable. I don't know if there is an ssh > v1.2.32 LRP file, but I think Jacques Nilo's OpenSSH is up to date. > > Read http://www.kb.cert.org/vuls/id/945216 > > [...] > > --------------------------------------------------------------------------- > Jeff Newmiller The ..... ..... Go Live... > DCN:<[EMAIL PROTECTED]> Basics: ##.#. ##.#. Live Go... > Live: OO#.. Dead: OO#.. Playing > Research Engineer (Solar/Batteries O.O#. #.O#. with > /Software/Embedded Controllers) .OO#. .OO#. rocks...2k > --------------------------------------------------------------------------- > > _______________________________________________ > Leaf-user mailing list > [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
