From owner-freebsd-questions Wed Jun 26 17:57:38 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mail.gbronline.com (mail.gbronline.com [12.145.226.4]) by hub.freebsd.org (Postfix) with ESMTP id EC50437BF9C for ; Wed, 26 Jun 2002 16:27:09 -0700 (PDT) Received: from daleco [12.145.226.105] by mail.gbronline.com (SMTPD32-7.10) id AD69204F0070; Wed, 26 Jun 2002 18:25:29 -0500 Message-ID: <012501c21d68$e907c500$69e2910c@fbccarthage.com> From: "Kevin Kinsey, DaleCo, S.P." To: "Kevin Kinsey, DaleCo, S.P." , "Justin P. Michel" , Subject: Re: Lost in a world of SSH... Date: Wed, 26 Jun 2002 18:26:33 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2600.0000 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG OTOH, it may be. Perhaps you have to decide whether or not Brett Glass is correct on this one... My opinion: I don't hate Brett, I even appreciate/use some articles and code from his site, but I don't jump just because he posts a warning or complaint... KDK ----- Original Message ----- From: "Kevin Kinsey, DaleCo, S.P." To: "Justin P. Michel" ; Sent: Wednesday, June 26, 2002 6:22 PM Subject: Re: Lost in a world of SSH... > According to some postings from lastnight/ > this morning, 4.5-R's sshd is not vulnerable > to the latest hubbub, though there may be > future or other issues.... > > KDK > > ----- Original Message ----- > From: "Justin P. Michel" > To: > Sent: Wednesday, June 26, 2002 2:23 PM > Subject: Lost in a world of SSH... > > > > Greetings, > > > > Amidst all this chatter of SSH, I'm completely lost. I am fairly new to > > FreeBSD, and I have installed V4.5-R on both my "production" server, and > my > > test system. As far as ports go, I have installed the packaged versions > of > > Bash, Pico, Apache, PHP, and MySQL Server. As far as I know, I only have > > three ports open: Web, MySQL, and SSH. I have two questions: > > > > 1) Is the version of SSH that is installed in the base of FreeBSD V4.5-R > > vulnerable to this new (or any other) security hole? > > > > 2) Assuming that it is, what is the best way to fix said hole? > > (CVSUP?, new package?, new port - compile?) > > > > Any help would be greatly appreciated. As well, if there is anyone who > > offers services as a FreeBSD administrator, please e-mail me. > > > > Regards, > > > > Justin P. Michel > > |- J Continuum > > |- 21071 - 640 River Street > > |- Thunder Bay, Ontario, Canada > > |- P7A 8A7 > > |- (807) 344-9623 > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message