On Fri, 2 Oct 2009, Jacques Marneweck wrote:
Hi,
Is there any further feedback regarding this bug?
There is progress.
Has anyone tested
to see if this also affects FreeBSD 5.x?
FreeBSD 5.x is not a supported branch anymore, so it's unlikely that
anyone will check it. See
Garrett Wollman wrote:
On Thu, 01 Oct 2009 17:13:55 -0700, johnea m...@johnea.net said:
The thing that concerned me is an entry I saw in netstat showing
my system connecting back to a machine that was attempting to log
in to ssh.
Does the ssh server establish a socket to a client attempting
Protect against simple DNS spoofing attacks by checking that the...
So if the ssh bruteforce is coming from a properly setup DNS host it is ok
:
On Fri, Oct 2, 2009 at 4:28 PM, johnea m...@johnea.net wrote:
Garrett Wollman wrote:
On Thu, 01 Oct 2009 17:13:55 -0700, johnea
On Fri, 2 Oct 2009, johnea wrote:
Garrett Wollman wrote:
[..]
tcp4 0 0 atom.60448 host154.advance.com.ar.auth
TIME_WAIT
auth is the port number used by the IDENT protocol.
-GAWollman
Thank You to everyone who responded!
In fact I did
This will provide the greatest relief against drive-by ssh probes,
which
are pretty much background radiation these days. Some may decry it as
'security by obscurity', but who cares when it works so effectively :)
against script kiddies and bots, obscurity is good.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-09:13.pipe Security Advisory
The FreeBSD Project
Topic:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-09:14.devfs Security Advisory
The FreeBSD Project
Topic:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-09:14.devfs Security Advisory
The FreeBSD Project
Topic: