xz backdoor prevention and hosts.deny?
Hi,
With respect to debian testing, assume we filter SSH access only to a subnet using the files host.{deny,allow} (see below).
Would this prevent the attack if a malicious payload was not sent from the allowed subnet?
Asking to know if an attack was possible like this, for the few days in March the backdoor was undetected on debian testing.
/etc/hosts.deny: sshd: ALL
/etc/hosts.allow: sshd: "a_subnet"
Moreover, would it have helped if additionally allowing only public-key authentication for SSH?
Regards,
Nick
Reply to: