Your safest bet is going to be to get new clean source, it's supposed to have been updated today and recompile and push it out. The trojaned code is supposed to have hit the openssh site withn the last 2-3 days, limiting the exposure to only those that in that time frame scarfed up the trojaned code. Analysis of the trojaned codes seems to indicate this nasty runs in the background all the while the trojaned sshd is up, so, I would get new source and recompile and push. Far better to be safe than sorry. Thanks, Ron Dufresne On Thu, 1 Aug 2002, Steve Wright wrote: > > Hello, > > I'm no programmer so I'm hoping someone can confirm this for me.. > I am correct in thinking the trojan currently in OpenSSH portable 3.4p1 only > runs during compilation ? > > ie a copy of ssh compiled using this source will not have anything nasty > build into it ? > > Thanks, > Steve. > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything.
This archive was generated by hypermail 2b30 : Fri Aug 02 2002 - 00:52:42 PDT