> For my own part, on top of upgrading to the latest versions of > SSHd, I'm recommending that folks utilize IPchains or IPFilter to > reinforce their explicitly-defined AllowHosts directives in sshd_config. > These measure in themselves should greatly mitigate both the present (and > hopefully, future) threat of successful remote attack on SSHd. Are we safe if the attack is run from a host not listed as accepted in access control files, ie: /etc/hosts.deny: ALL: ALL /etc/hosts.allow: sshd: www.xxx.yyy.zzz Thanx. -- Bertrand ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Wed Dec 12 2001 - 10:33:09 PST