Security Incidents mailing list archives
SSH2 Exploit?
From: jonz () NETRAIL NET (Jonathan A. Zdziarski)
Date: Wed, 9 Feb 2000 21:30:17 -0500
We recently had one of our remote logging servers compromised. It was totally locked down running only ssh2; all inet processes were turned off. Unfortunately, they obliterated the disk so we were not able to get any information about how they exploited our machine, however since the only point of entry was SSH2, I'm very concerned about a possibly vulnerability in the code. What is the general consensus of the 'most secure' version of ssh? 1.2.27? Thank you, Jonathan A. Zdziarski Director - MIS NetRail, inc. 230 Peachtree St. Suite 1700 Atlanta, GA 30303 404-522-5400 x240
Current thread:
- Re: E-Mail relay or break in?, (continued)
- Re: E-Mail relay or break in? Graeme (Feb 09)
- Re: E-Mail relay or break in? Nathan Nichols (Feb 09)
- Re: E-Mail relay or break in? Ryan Russell (Feb 09)
- Recent DDoS Bino Gopal (Feb 08)
- Re: Recent DDoS Qmail Admin (Feb 09)
- Port 34545 jimwebb () EASYSTREET COM (Feb 09)
- Re: Recent DDoS MMS26 (Feb 09)
- Re: Recent DDoS Vanja Hrustic (Feb 09)
- Re: Recent DDoS (was Ping flood? Whats the point?) Kerry Baker (Feb 09)
- Re: Recent DDoS (was Ping flood? Whats the point?) Eivind Eklund (Feb 11)
- SSH2 Exploit? Jonathan A. Zdziarski (Feb 09)
- Re: SSH2 Exploit? Alexander Kiwerski (Feb 10)
- Re: SSH2 Exploit? Richard Trott (Feb 10)
- Re: SSH2 Exploit? Thiago/c0nd0r (Feb 11)
- Re: SSH2 Exploit? Jonathan A. Zdziarski (Feb 11)
- Re: SSH2 Exploit? Thiago/c0nd0r (Feb 11)
- Re: SSH2 Exploit? Mike Tancsa (Feb 15)
- Re: SSH2 Exploit? //Stany (Feb 16)
- Re: SSH2 Exploit? sysadmin (Feb 16)
- AdForce hitting odd ports Rick Tortorella (Feb 11)
- UDP to 161 CL: Nelson, Jeff (Feb 10)