This primarily a debian bug right? So all debian servers out there must update their software and re-generate the keys.
"Sent via BlackBerry from Smart" -----Original Message----- From: "Alvin Delagon" <[EMAIL PROTECTED]> Date: Sat, 24 May 2008 08:44:40 To:"Philippine Linux Users' Group (PLUG) Technical Discussion List"<[email protected]> Subject: Re: [plug] Huge Hole in Open Source Software The value that is supposed to generate random keys was reduced to a mere unsigned integer 0 to 32,767. Brute force attack will be much easier. I'd suggest that we should set strict firewall rules on the SSH port 22 for the meantime do not open it to public. --- Alvin On Sat, May 24, 2008 at 8:18 AM, Raul Limos <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> > wrote: Huge Hole in Open Source Software Found, Leaves Millions Vulnerable: http://www.dailytech.com/article.aspx?newsid=11869 <http://www.dailytech.com/article.aspx?newsid=11869> _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug <http://lists.linux.org.ph/mailman/listinfo/plug> Searchable Archives: http://archives.free.net.ph <http://archives.free.net.ph> -- http://www.alvinatorsplayground.blogspot.com/ <http://www.alvinatorsplayground.blogspot.com/> _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph _________________________________________________ Philippine Linux Users' Group (PLUG) Mailing List http://lists.linux.org.ph/mailman/listinfo/plug Searchable Archives: http://archives.free.net.ph
