Guardian Digital Inc. >
Mailing List Archives >
Full Disclosure Mailing List Archive
Thank you all for you attention!
This helps me a lot. :-)
On Mon, 20 Dec 2004 18:12:21 -0600, Kevin <firstname.lastname@example.org> wrote:
> Nobody sitting on exploits for the current version of OpenSSH will
> share them in public.
> Of the available SSH servers, OpenSSH (if you deploy the latest
> version, with the latest OpenSSL library, and upgrade when new
> versions come out for either OpenSSL or OpenSSH) is the least likely
> to have remote exploits.
> The most secure deployment of OpenSSH is to run OpenSSH on OpenBSD on
> an architecture with W^X hardware support (Sparc/Sparc64/AMD64).
> Personally, I would be nervous about having a SSH listener on TCP/22
> accessible from any Internet IP that cares to connect. You might
> consider putting your server behind some sort of IPSEC VPN if you are
> feeling paranoid.
> On Sat, 18 Dec 2004 01:49:39 -0200, Carlos de Oliveira
> <email@example.com> wrote:
> > Hi there!
> > I am going to install OpenSSH in one of my servers, but I want to make
> > sure it is secure.
> > Does anybody know about vulnerabilites on OpenSSH, if yes, would you
> > like to suggest me another remote secure shell ?
Full-Disclosure - We believe in it.