Hello,

is there a security issue on CentOS 5.3 with openssh 4.3? I ask because of
http://www.h-online.com/security/Rumours-of-critical-vulnerability-in-OpenSSH-in-Red-Hat-Enterprise-Linux--/news/113712
and
http://secer.org/hacktools/0day-openssh-remote-exploit.html.

Should ssh login from internet on CentOS better be disabled?

regards
Olaf

> is there a security issue on CentOS 5.3 with openssh 4.3?

If this is a real zero-day exploit, then yes, there is an issue. The following link may be the best source of information at the moment:

http://isc.sans.org/diary.html?storyid=6742

FWIW, I think the second comment about RHEL/CentOS in the referenced post is a little off-base. After all, you have to know that a bug exists before you can fix it.

-geoff

---------------------------------
Geoff Galitz
Blankenheim NRW, Germany
http://www.galitz.org/
http://german-way.com/blog/

> is there a security issue on CentOS 5.3 with openssh 4.3? I
> ask because of
> http://www.h-online.com/security/Rumours-of-critical-vulnerability-in-OpenSSH-in-Red-Hat-Enterprise-Linux--/news/113712
> and http://secer.org/hacktools/0day-openssh-remote-exploit.html.
>
> Should ssh login from internet on CentOS better be disabled?

You should always limit access to sensitive services on a machine. Remote login should be included in that list. Either limit it by firewall or in the OpenSSH daemon to certain IPs. Even if you can only limit it to a class C or class A, you've still chopped out a number of possibly malicious hosts.

Patrick
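
The firewall-side restriction suggested in the last reply, as an added example that is not part of the original thread: it prints iptables commands that accept SSH only from an allowlist of networks and drop every other source. The port, the chain name and the sample networks (documentation ranges) are assumptions.

```shell
#!/bin/sh
# Added example: print iptables commands that admit SSH only from listed networks.
# Assumptions: sshd on port 22, rules go into the INPUT chain.
SSH_PORT=22
CHAIN=INPUT

# Succeed only for a dotted-quad IPv4 address with an optional /0-32 prefix.
valid_cidr() {
    addr=${1%/*}
    prefix=32
    case $1 in */*) prefix=${1#*/} ;; esac
    case $prefix in ''|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case $addr in ''|*[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the address into its octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in '') return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
}

# Print one ACCEPT per allowed network, then a DROP for every other source.
# Nothing is printed if the list is empty or any entry is malformed, so a
# malformed entry cannot yield a rule set that ends in DROP with gaps before it.
ssh_allow_rules() {
    [ $# -gt 0 ] || { echo "no allowed networks given" >&2; return 1; }
    for net in "$@"; do
        valid_cidr "$net" || { echo "invalid network: $net" >&2; return 1; }
    done
    for net in "$@"; do
        echo "iptables -A $CHAIN -p tcp --dport $SSH_PORT -s $net -j ACCEPT"
    done
    echo "iptables -A $CHAIN -p tcp --dport $SSH_PORT -j DROP"
}

# Constructed sample input (RFC 5737 documentation ranges): one /24 and one host.
ssh_allow_rules 192.0.2.0/24 198.51.100.17
```

The script only prints the commands. On a host that already has a rule accepting port 22, these rules must be placed before it to have any effect.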