21 Nov
2001
21 Nov
'01
14:42
Ralf Koch wrote:
Hi,
the main question is, if your SSH daemon is vulnerable.
The option "Protocol 2,1" sets only the preferred version to SSH2. You're allowed to connect with SSH1 too.
Cheers,
Ralf
Hi, we updated to rpm package openssh-2.9p1-17 on all our Linux boxes some days ago and I think: This is a SSH2 Daemon. Isnt it? Is it vulnerable? Its possible that the last incident just came trough the SSH1 vulnerability. Another question: Is duarawkz only a Linux hackertool? Maybe some enthused hackers ported it to other platforms? I have still some SSH1 unix platforms here. Bye, Annette