Analysis of SSH crc32 compensation attack detector exploit http://staff.washington.edu/dittrich/misc/ssh-analysis.txt
Interesting read on how the exploit works, and what's vulnerable.

To find SSH hosts on your network, you can use:
http://www.monkey.org/~provos/scanssh/

A helpful guy on the [EMAIL PROTECTED] list told me:

<quote>
the rules are simple:

SSH-1.3  -> v1 only
SSH-1.4  -> v1 only
SSH-1.5  -> v1 only
SSH-1.99 -> v1 and v2
SSH-2.0  -> v2 only

OpenSSH is only vulnerable to the crc32 attack for versions < 2.3.0, so
SSH-1.99-OpenSSH_2.2.0 IS vulnerable whereas
SSH-1.99-OpenSSH_2.3.0 and later are NOT vulnerable
</quote>

Nevertheless it's good to turn off v1 if you can since it's broken by design.

Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
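The banner rules quoted in the message above, applied to scanner output for inventory triage. This is an added example, not part of the original post or of scanssh; the function names, status strings and sample banners are constructed for illustration.

```python
import re

# Identification string: SSH-<protoversion>-<softwareversion>[ comments]
BANNER_RE = re.compile(r"^SSH-(\d+)\.(\d+)-(\S+)")
# Early OpenSSH releases used "OpenSSH-x.y.z", later ones "OpenSSH_x.y.z".
OPENSSH_RE = re.compile(r"^OpenSSH[_-](\d+(?:\.\d+)*)")
FIXED = (2, 3, 0)  # from the quoted rule: OpenSSH < 2.3.0 is vulnerable


def protocols(major, minor):
    """Protocol versions a server offers, per the quoted banner rules."""
    if (major, minor) == (1, 99):
        return [1, 2]
    return [major] if major in (1, 2) else []


def classify(banner):
    """Return (offered_protocols, crc32_status) for one banner line."""
    m = BANNER_RE.match(banner.strip())
    if not m:
        return [], "unparsed"
    protos = protocols(int(m.group(1)), int(m.group(2)))
    if 1 not in protos:
        # Assumption: the crc32 detector is only reached via protocol 1.
        return protos, "v1 not offered"
    o = OPENSSH_RE.match(m.group(3))
    if not o:
        # The quoted rule covers OpenSSH only; other servers need the analysis.
        return protos, "unknown (not OpenSSH)"
    ver = tuple(int(x) for x in o.group(1).split("."))
    ver = (ver + (0, 0, 0))[:3]  # pad so "2.3" compares equal to 2.3.0
    return protos, "vulnerable" if ver < FIXED else "not vulnerable"


if __name__ == "__main__":
    # Constructed sample banners, e.g. as collected by a scanner.
    for b in ["SSH-1.99-OpenSSH_2.2.0", "SSH-1.99-OpenSSH_2.3.0",
              "SSH-2.0-OpenSSH_2.9p2", "SSH-1.5-1.2.27", "HTTP/1.0 400"]:
        print(f"{b:28} {classify(b)}")
```

Banners can be edited or patched in place by distributors, so treat the result as a triage hint and confirm the installed package version on each host.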
