No subject

Tue Jun 4 12:17:20 MDT 2013

protocol problems are probably not just theoretical... sorry, I can't go
into further details (on list or off) but considering that the ONLY
thing listening on the network on a cracked system was an "up-to-date"
SSH v1... and only three people (all involved in the cleanup) had the
root password... and I doubt the other two people were lying about
that.  (oooh... isn't that "web of trust" thing INTERESTING?  GRIN...)

Since then, I don't trust SSH v1 and always disable support for it.


More information about the LUG mailing list