[Dshield] RE: SSH - SSH Scans.. Worm?

daniel uriah clemens dclemens at inline.com
Thu Nov 8 22:12:09 GMT 2001


This is old news though.
Why are people  getting all up in arms 'now' ... just because there are
traces that there is an exploit going around?

There is also a great writeup on this at : 
http://planeta.clix.pt/bsphere/ssh-exploit.txt

Dont turn off sshd, read the advisory, is your server affected?

PATCH IT.

If there is a worm going around, and you don't want to possibly be
affected and you don't want to patch your system ....the worm would
probably attack the standard ssh port ( 22 ), change the port ssh listens
on if your worried..

anyhow...

-dc

 On Thu, 8 Nov 2001, maria ciavarro
wrote:

> Has anyone GTOC'd (https://gtoc.iss.net/)today!
> 
> Well I suggest you do. Click on Customer Login it is
> open to the public for now.
> 
> There is some commentary on SSh vulnerabilities as
> well as links to the various write-ups. Right now
> there is no proof of a worm but that does not mean
> that one may not be far behind. Restrict SSH access;
> may elevate future headaches.
> 
> MaC
> 
> __________________________________________________
> Do You Yahoo!?
> Find a job, post your resume.
> http://careers.yahoo.com
> 
> _______________________________________________
> Dshield mailing list
> Dshield at dshield.org
> To change your subscription options (or unsubscribe), see: http://www1.dshield.org/mailman/listinfo/dshield
> 





More information about the list mailing list