[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Google
  Web www.spinics.net

Re: 0Day?



Ref Link :  http://secer.org/hacktools/0day-openssh-remote-exploit.html

Securing the sshd of your customer's servers ASAP by  following
atleast the following steps.

1) Change Default SSH Port
2) Disable Direct Root Login
3) Disable common wheel users like admin. Use a hard to guess wheel username
4) Disable shell access for all customers.
5) If possible allow access to SSH only from Bobcares and Customer's
ip address ( Use firewall and hosts.{allow,deny} file to do this. )

Step 1, 2 and 3 makes it hard for the users to guess ssh port and wheel username
Step 4 prevents user accounts from getting hacked.
Step 5 make it almost 100% fool proof unless someone from own network
or the client's network tries to hack.

Regards
Sujith


On Tue, Jul 7, 2009 at 8:09 PM, Jon Kibler<Jon.Kibler@xxxxxxxx> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Anyone with any solid knowledge regarding a new SSH 0-day?
>
> Something other than rumors/blog post saying there might be one?
>
> TIA for info!
>
> Jon K
> - --
> Jon R. Kibler
> Chief Technical Officer
> Advanced Systems Engineering Technology, Inc.
> Charleston, SC  USA
> o: 843-849-8214
> c: 843-813-2924 (NEW!)
> s: 843-564-4224
> http://www.linkedin.com/in/jonrkibler
>
> My PGP Fingerprint is:
> BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.8 (Darwin)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkpTXhUACgkQUVxQRc85QlOPXwCcCTai1YVSKRc0NBBo6y6JxJ/Q
> 3KsAmwRZRXsz6AblpgCciRwVmPf+941p
> =k/ju
> -----END PGP SIGNATURE-----
>
>
>
>
> ==================================================
> Filtered by: TRUSTEM.COM's Email Filtering Service
> http://www.trustem.com/
> No Spam. No Viruses. Just Good Clean Email.
>
>



-- 
Sujith Mohan k


[Home]     [Fedora Users]     [Fedora Legacy]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

Add to Google Powered by Linux