[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-users] FIX - can't su to root, email stopped working,gui stopped working, postgres database is down, virtual sites disappeared
- Subject: RE: [cobalt-users] FIX - can't su to root, email stopped working,gui stopped working, postgres database is down, virtual sites disappeared
- From: "Richard Sidlin" <dns@xxxxxxxxxxxxxxxxx>
- Date: Mon Mar 4 23:41:00 2002
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
How do you disable protocol 1 on a 4R please?
-----Original Message-----
From: cobalt-users-admin@xxxxxxxxxxxxxxx
[mailto:cobalt-users-admin@xxxxxxxxxxxxxxx] On Behalf Of Steve Werby
Sent: 05 March 2002 15:20
To: cobalt-users@xxxxxxxxxxxxxxx
Subject: Re: [cobalt-users] FIX - can't su to root, email stopped
working,gui stopped working, postgres database is down, virtual sites
disappeared
"Jay Summers" <jay@xxxxxxxxxxxxxxxxxxxxx> wrote:
> Correct me if I'm wrong, but I don't think the SSH1 protocol is
> anymore unsafe than SSH2 as long as it's the latest stable/secure
> release. I don't really have any links to back up my claim but I
> believe that I read this somewhere before. Maybe even this list...
Don't believe everything you read. <g> That includes everything I say,
though in this case my statements weren't unfounded. Based on what I
believe to be true, older versions of SSH are vulnerable and newer
versions of SSH with Protocol 1 enabled are vulnerable. In any case,
even if the consensus was that newer versions of SSH were not vulnerable
to an attack using Protocol 1, I would disable it because I realize that
we're all really talking about *known* vulnerabilities. And IMO, it's
more likely a new vulnerability will be discovered in Protocol 1 than n
Protocol 2 so I'll take my chances and run Protocol 2 exclusively and
recommend that my clients use SSH client programs that support Protocol
2. You might want to check out the following article or google for
something like "ssh protocol 1 vulnerability" (without the quotes).
http://www.stanford.edu/group/itss-ccs/security/news/ssh.html
HTH,
--
Steve Werby
President, Befriend Internet Services LLC http://www.befriend.com/
_______________________________________________
cobalt-users mailing list
cobalt-users@xxxxxxxxxxxxxxx
To Subscribe or Unsubscribe, please go to:
http://list.cobalt.com/mailman/listinfo/cobalt-users
- Prev by Date:
Re: [cobalt-users] FIX - can't su to root, email stopped working,gui stopped working, postgres database is down, virtual sites disappeared
- Next by Date:
Re: [cobalt-users] PHP Problems after upgrade from pkgmaster.com
- Previous by thread:
Re: [cobalt-users] FIX - can't su to root, email stopped working,gui stopped working, postgres database is down, virtual sites disappeared
- Next by thread:
Re: [cobalt-users] FIX - can't su to root, email stopped working,gui stopped working, postgres database is down, virtual sites disappeared
- Sun Cobalt Users Message Index
- Sun Cobalt Users Thread Index