[Gllug] [Fwd: SSH Security Advisory: Centos (and other distros)]

James Hawtin oolon at ankh.org
Wed Jul 8 09:00:42 UTC 2009


On Wed, Jul 08, 2009 at 09:26:30AM +0100, Hari Sekhon wrote:
> That was exactly my thought. You have a problem, so to fix it all you 
> have to do is go install some dodgy backdoored rpm from some site you 
> don't know...

I personally would recommend firewalling SSH to specified IP
addresses/ranges for sensitive machines, as you never know when a day 0 will
happen. Yes it just transfering risk somewhere else, but that somewhere is
away from the things you care most about.

James
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug




More information about the GLLUG mailing list