[lug] Ancient RH box hacked, which packages must be updated?
Bear Giles
bgiles at coyotesong.com
Fri Mar 26 10:49:24 MST 2004
Lee Woodworth wrote:
> I know that 2 years ago a secondary-DNS server in Golden was
> hacked. The box was running RH6 with an old SSH. The hack was
> thgough SSH. IIRC there was some weakness in version 1 of the
> protocol and the RH6 sshd only supported version 1.
We don't know how the guy is getting in, only that it's not
through one of the services we've already shut down. I thought we
had updated ssh to 3.6 a while back, but it seems to still be
running 3.5.
More information about the LUG
mailing list