Re: Close OpenSSH hole on 13.1-RELEASE server without shutting down?

In reply to: Dan Mahoney : "Re: Close OpenSSH hole on 13.1-RELEASE server without shutting down?"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Brett Glass <brett_at_lariat.net>
Date: Wed, 03 Jul 2024 02:53:17 UTC

At 07:03 PM 7/2/2024, Dan Mahoney wrote:

>There is a workaround posted in the security advisory.

Unfortunately, the "workaround" is in many ways as bad as the 
vulnerability, because it exposes you to DoS attacks.

>You can also firewall off ssh connections from anywhere but trusted sources.

Yep. But if a worm based on this vulnerability begins to propagate, 
it might get behind the firewall. We really want to patch.

--Brett