On Fri, Jan 02, 2004 at 08:36:53AM +0100, Jan Minar wrote: > Nice. So if an exploit leaks to the script kiddies, you would be cracked > only 1-2 times a day. Hopefully the first one to get in will move sshd > back to 22/tcp and patch the binary. It's currently running on port 443. I'm pretty sure that all the scans I've seen so far are targeted at https webservers, and unlikely to be a problem in this case. Keeping on top of the security updates is, of course, still absolutely essential. The point is that the exposure to no-thought-required, scripted exploits (which seems to cover the majority of cases) is greatly reduced. As always, YMMV.
Attachment:
signature.asc
Description: Digital signature