Hi all, just to remind some of the lazy ones out there: the ssh crc32 compensation attack is (again) actively being exploitet. From one attack I have actively monitored, there were about 10 machines compromized in one night, after being scanned some days before. I phoned some of the admins, and most of them knowed that the problem exists (most of them were running SuSE 7.0), but were too lazy to fix it. See: http://www.suse.de/de/support/security/2001_045_openssh_txt.txt http://www.suse.de/de/support/security/2001_044_openssh_txt.txt http://www.suse.de/de/support/security/adv004_ssh.txt http://www.suse.de/de/support/security/2000_047_openssh_txt.txt http://defaced.alldas.de/mirror/2002/01/10/accounting.nordwest.net/ http://defaced.alldas.de/mirror/2002/01/10/custmx.ingolstadt-online.net/ http://defaced.alldas.de/mirror/2001/12/30/spider.tmag.de/ Cu, Thomas