[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] OpenSSH is a good choice?

To: Kevin <kkadow@xxxxxxxxx>
Subject: Re: [Full-Disclosure] OpenSSH is a good choice?
From: Carlos de Oliveira <carlos.oliv@xxxxxxxxx>
Date: Tue, 21 Dec 2004 01:57:06 -0200

Thank you all for you attention!
This helps me a lot. :-)


On Mon, 20 Dec 2004 18:12:21 -0600, Kevin <kkadow@xxxxxxxxx> wrote:
> Nobody sitting on exploits for the current version of OpenSSH will
> share them in public.
> 
> Of the available SSH servers, OpenSSH (if you deploy the latest
> version, with the latest OpenSSL library, and upgrade when new
> versions come out for either OpenSSL or OpenSSH) is the least likely
> to have remote exploits.
> 
> The most secure deployment of OpenSSH is to run OpenSSH on OpenBSD on
> an architecture with W^X hardware support (Sparc/Sparc64/AMD64).
> 
> Personally, I would be nervous about having a SSH listener on TCP/22
> accessible from any Internet IP that cares to connect.  You might
> consider putting your server behind some sort of IPSEC VPN if you are
> feeling paranoid.
> 
> Kevin
> 
> 
> On Sat, 18 Dec 2004 01:49:39 -0200, Carlos de Oliveira
> <carlos.oliv@xxxxxxxxx> wrote:
> > Hi there!
> >
> > I am going to install OpenSSH in one of my servers, but I want to make
> > sure it is secure.
> > Does anybody know about vulnerabilites on OpenSSH, if yes, would you
> > like to suggest me another remote secure shell ?
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] OpenSSH is a good choice?
  - From: Carlos de Oliveira

Prev by Date: Re: [Full-Disclosure] OpenSSH is a good choice?
Next by Date: [Full-Disclosure] [ GLSA 200412-21 ] MPlayer: Multiple overflows
Previous by thread: Re: [Full-Disclosure] OpenSSH is a good choice?
Next by thread: RE: [Full-Disclosure] OpenSSH is a good choice?
Index(es):
- Date
- Thread