Re: HEAD's UP: possible 0day SSH exploit in the wild

[Leandro Minatel <leandrominatel@gmail.com>]

On Tue, Jul 7, 2009 at 6:20 PM, Jeroen van Drongelen <jeroen@naturewebdesign.eu> wrote:

It's helpfull indeed but withe a portscan they can easly find the other port of openssh.

If have shutdown the openssh service untill i know wich version is attackable by this exploit or when they have a solution for it.

Regards,
Jeroen

2009/7/7 Leandro Minatel <leandrominatel@gmail.com>

Hi,

a good practice, at least for me, is put openssh to listen in a different port than the default. I know, it's not the perfect solution.

Regards.

Right you are!, but, don't forget that there are more than 65500 ports to scan for ssh if it's not listening on the default one. I know, it's a matter of time, but, almost the majority of "mortals" give up if SSH is not in 22.

Regards.