
Re: Security Alert



Thanks for the heads up. I also want to caution other Debian users to
check their /var/log/auth.log to see if their machine has been
compromised.

raju

On Thu, May 15, 2008 at 5:10 PM, Hurf Sheldon <protected address> wrote:
> Forwarded to cslug-l <protected address> from netadmin-l
> h
> --------
>
> A recently released security announcement affects Debian and Debian-derived
> systems (Ubuntu, Knoppix, etc). The primary risk posed by this vulnerability
> is to SSH host keys, though SSL and OpenVPN keys are also at risk.
>
> We have seen a significant increase in scanning for vulnerable systems, and
> several exploits are now publicly available.
>
> Anyone running Debian or one of its derivatives is urged to patch and
> regenerate SSH/SSL/VPN keys as necessary.  For more information:
>
> <http://www.debian.org/security/2008/dsa-1576>
>
> Starting tomorrow (Friday, 16 May) we will be scanning campus for vulnerable
> SSH instances.  This scanning takes the form of a single SSH connection from
> either secutil1.cit.cornell.edu or secutil2.cit.cornell.edu.  This will
> allow us to compare the signature of the host key in use to a published list
> of weak keys.  Where applicable, netadmins will be notified of vulnerable
> systems.
>
>
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Reply-to: protected address
>         Network Operations Center
>         Cornell University
>         Ithaca, NY 14853
>         607-255-9900
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
>
>
>
>
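The check the announcement describes, comparing a host key's fingerprint to a published list of weak keys, can also be run locally over your own public key files. This is an added example, not part of the original thread. The sample keys and the weak list are constructed, and storing the list as full colon-separated MD5 fingerprints is an assumption; a real published list may use a different encoding.

```python
import base64
import hashlib
import struct

def make_blob(key_type: bytes, *fields: bytes) -> bytes:
    """Build an SSH wire-format public key blob (used for constructed samples only)."""
    return b"".join(struct.pack(">I", len(f)) + f for f in (key_type, *fields))

def md5_fingerprint(blob: bytes) -> str:
    """Colon-separated MD5 fingerprint of a raw public key blob."""
    digest = hashlib.md5(blob).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, 32, 2))

def parse_pubkey_line(line: str):
    """Return (key_type, blob) from a 'type base64 [comment]' line, or None."""
    parts = line.split()
    if len(parts) < 2 or line.lstrip().startswith("#"):
        return None
    try:
        blob = base64.b64decode(parts[1], validate=True)
    except ValueError:
        return None
    # The blob starts with a length-prefixed copy of the key type; it must match.
    n = int.from_bytes(blob[:4], "big")
    if blob[4:4 + n].decode("ascii", "replace") != parts[0]:
        return None
    return parts[0], blob

def audit(lines, weak_fingerprints):
    """Return [(fingerprint, is_weak)] for every parseable key line."""
    blobs = (p[1] for p in map(parse_pubkey_line, lines) if p)
    return [(fp, fp in weak_fingerprints) for fp in map(md5_fingerprint, blobs)]

# Constructed sample keys (not real key material) and a constructed weak list.
BLOB_A = make_blob(b"ssh-rsa", b"\x01\x00\x01", b"\x00" + b"\xa5" * 256)
BLOB_B = make_blob(b"ssh-rsa", b"\x01\x00\x01", b"\x00" + b"\x5a" * 256)
SAMPLE_LINES = [
    "ssh-rsa " + base64.b64encode(BLOB_A).decode() + " root@host-a",
    "ssh-rsa " + base64.b64encode(BLOB_B).decode() + " root@host-b",
    "ssh-rsa not*base64 broken-entry",
]
WEAK = {md5_fingerprint(BLOB_A)}

if __name__ == "__main__":
    for fp, weak in audit(SAMPLE_LINES, WEAK):
        print(fp, "WEAK: regenerate this key" if weak else "not on list")
```

The same function can be fed the lines of a host's `.pub` files or of `authorized_keys`; any key it flags should be regenerated after patching, as the announcement urges.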