Re: Any recent ssh attacks?

From: Kutulu (kutulu@kutulu.org)
Date: 11/28/01


Date: Wed, 28 Nov 2001 13:49:18 -0500
From: Kutulu <kutulu@kutulu.org>
To: Wooi Koay <Wooi@ismg.com>
Subject: Re: Any recent ssh attacks?
Message-ID: <20011128134918.A4051@pr0n.kutulu.org>

On Tue, Nov 27, 2001 at 01:02:57PM -0500, Wooi Koay wrote:
> I got lots of scans on port 22 recently, is there any known ssh security
> holes being discussed recently? Thanks.
>
> Wooi.

OpenSSH 3.0.0 was released recently, and had remotely exploitable bugs. OpenSSH 3.0.1 was released soon after to fix them,
but I hear it either failed to fix them all, or introduced new ones. At any rate, this accounts for the high volume of ssh
scans, wether the rumors are true or not :)

 --K



Relevant Pages

  • Re: Re[2]: remote login & default gateway problem
    ... I changed this setting, also disabled reverse DNS ... router (how to fix this?) ... On ssh I get "connection refused" however `netstat -an ...
    (freebsd-questions)
  • Re: X11 apps dont launch on F15 over ssh/vpnc
    ... It works over ssh to another server on the local network, but it fails when attempting to ssh over a vpnc connection to work. ... Just to double check I installed vpnc on an old F11 VM running on an F14 host, vpn'ed to work, opened an ssh connection to a server, and was able to open gedit. ... The failing behaviour is that the gedit window does not open and the verbose mode of ssh ends with the line "confirm x11" before terminal window becomes unresponsive. ... Putting SELinux in permissive mode does not fix it. ...
    (Fedora)
  • openssh cursors (win32)
    ... I can't fix this problem at the source level. ... I have XP pro version 5.01.2600, OpenSSH for Windows v3.5p1-3, and have ... The Backspace works with the ssh ...
    (comp.security.ssh)
  • Re: (Somewhat OT) How to fix backspace/delete key in OS/X (Mac)
    ... their backspace key. ... recently started using OS/X on a MacBook. ... The right way to fix this sort of thing is to ... but for some reason is translated when sent to ssh. ...
    (comp.unix.shell)
  • Re: SElinux concerning symlink?
    ... This reverted the system so that ssh in failed as it had in the first place ... so I had to fix the context for /opt/ using restorecon again.... ... password - passwordless login is still not possible. ... The sealert message suggests doing restorecon -v './authorized_keys2' ...
    (Fedora)