No subject
Tue Jun 4 12:17:20 MDT 2013
protocol problems are probably not just theoretical... sorry, I can't go
into further details (on list or off) but considering that the ONLY
thing listening on the network on a cracked system was an "up-to-date"
SSH v1... and only three people (all involved in the cleanup) had the
root password... and I doubt the other two people were lying about
that. (oooh... isn't that "web of trust" thing INTERESTING? GRIN...)
Since then, I don't trust SSH v1 and always disable support for it.
Nate
More information about the LUG
mailing list