AW: Ten least secure programs

From: Meidinger Chris (chris.meidinger_at_badenit.de)
Date: 07/08/03

  • Next message: Mitchell Rowton: "Re: where should I start? help!"
    To: "'Chris Berry'" <compjma@hotmail.com>, security-basics@securityfocus.com
    Date: Tue, 8 Jul 2003 17:57:47 +0100 
    
    

    Hey, even Trinity exploited SSH in The Matrix. How hard can it be?
    It's like anything else: there is the occaisonal 'sploit, but
    misconfiguration is the real danger.

    badenIT GmbH
    System Support
     
    Chris Meidinger
    Tullastrasse 70
    79108 Freiburg

    -----Ursprüngliche Nachricht-----
    Von: Chris Berry [mailto:compjma@hotmail.com]
    Gesendet: Tuesday, July 08, 2003 2:42 AM
    An: security-basics@securityfocus.com
    Betreff: RE: Ten least secure programs

    >From: sin <sin@terahertz.net>
    >i dunno about ten,
    >but id say the top few in no real order
    >bind, wuftp, openssh (secure replacement my ass, its an encrypted
    >rootshell), imap, uh, im drawing a blank here, im wondering if this was
    >just a cheap way for me to knock on openssh

    OpenSSH??? I use this product extensively, and while there have been a few
    problems discovered, for the most part it seems very secure, do you have
    something to add to your earlier statement? By the way, you can disable
    root logins fairly easily.

    Chris Berry
    compjma@hotmail.com
    Systems Administrator
    JM Associates

    "Encrypt everything, and ask questions later."

    _________________________________________________________________
    Help STOP SPAM with the new MSN 8 and get 2 months FREE*
    http://join.msn.com/?page=features/junkmail

    ---------------------------------------------------------------------------
    Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
    The Gartner Group just put Neoteris in the top of its Magic Quadrant,
    while InStat has confirmed Neoteris as the leader in marketshare.
         
    Find out why, and see how you can get plug-n-play secure remote access in
    about an hour, with no client, server changes, or ongoing maintenance.
              
    Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
    ----------------------------------------------------------------------------

    ---------------------------------------------------------------------------
    Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
    The Gartner Group just put Neoteris in the top of its Magic Quadrant,
    while InStat has confirmed Neoteris as the leader in marketshare.
         
    Find out why, and see how you can get plug-n-play secure remote access in
    about an hour, with no client, server changes, or ongoing maintenance.
              
    Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
    ----------------------------------------------------------------------------


  • Next message: Mitchell Rowton: "Re: where should I start? help!"