Re: Somebody is keep trying to ssh into my systems, how can I stop that?



Ertugrul Soeylemez wrote:

left_coast <void@xxxxxxxx> (06-08-06 17:19:20):

Get informed. OpenSSH is part of OpenBSD. The advisory list covers
_all_ OpenSSH security issues.

That IS my point. You can not determin the vulnerabilities of OpenSSH
by looking at ALL the vulnerabilities of BSD. IT is FLAWED LOGIC TO DO
SO.

Once more again, and I hope you get it this time: OpenSSH is part of
OpenBSD!

SO WHAT?

Unlike Linux, OpenBSD is _not_ just a kernel.

SO WHAT? That means that you can NOT take what is true about OpenBSD and
APPLY IT TO LINUX. Any point you make about OpenBSD can not apply to Linux
because, as you point out here, Linux IS NOT BSD.

It is a full
operating system!

With MANY PARTS. As I said in another place:

"Second, what "mostly" happens on BSD does not mean that ssh
has a good record. There is an old saying about averages that I will adapt
here: Your head is in an oven at 2000 degrees, your feet are in a freezer
at 1 degree above absolute 0. Your body, from your ankles to your neck is
at 72 degrees. Your body is "mostly" OK so there is no problems right?
Bwhahahahahahahahhaha, Saying "mostly" does not mean that small parts do
not have SERIOUS problems. Saying that " The exploitability of them mostly
depends..." About BSD as a whole does NOT prove anything about SSH as a
part. Saying that BSD's security is "mostly" anything says NOTING about SSH
SPECIFICALLY. SSH could be a sieve and still BSD could be "mostly" ok. "


If you read the change log of OpenSSH, you'll find
that the security-related bug-fixes there can be found on the advisory
list I mentioned, too.

And there are enough relating to OpenSSH to say that the OpenSSH portion of
BSD has a bad track record.

To look at OpenSSH as it would apply to LINUX (and we are in a LINUX group)
not a different OS, we need to look at OpenSSH as a standalone application:

http://www.saintcorporation.com/cgi-bin/demo_tut.pl?tutorial_name=OpenSSH_vulnerabilities.html&fact_color=&tag=

Any claims about BSD simply do not apply to Linux, because, as you said, BSD
is not Linux. So the only valid judge of OpenSSH is to look at OpenSSH as a
stand along part of Linux, the way LINUX works.



My bet is you have lots of people telling you that your logic is
flawed.

A lot of people do;

'Nuff said.



--
Still waiting for a rational answer from Bittwister to this:
<nfqlo3-qds.ln1@xxxxxxxxxxxxxxxxxxxx>.
.



Relevant Pages