OpenSSH exploit affects Mac OS X users
Don't get too worked up it's disabled by default; but if you have a version prior to 3.7 and have it enabled you may want to upgrade.
From MacNN
SecurityFocus BUGTRAQ
From MacNN
SecurityFocus BUGTRAQ
Comments
Originally posted by AlPanther
Don't get too worked up it's disabled by default; but if you have a version prior to 3.7 and have it enabled you may want to upgrade.
From MacNN
SecurityFocus BUGTRAQ
Or disable it until Apple releases an update.
Port 22 is ssh, allow only traffic from IPs that you know you're going to be using.
I figure if they are that concerned with hacking my piddly home box that they take the trouble to snoop my connections, learn the IPs I'm using, spoof them, then crack ssh... let 'em. I'm not that concerned.
Originally posted by Xool
Come on Apple... where's my Security Update?
They usually take a week (if they're quick) to fix things like this.
Originally posted by Xool
You think this security update will just be included in 10.2.8?
What about 10.1.x users? IMO, security updates should be offered in elemental form.
Originally posted by Eugene
What about 10.1.x users? IMO, security updates should be offered in elemental form.
Lol. And they fix it for 10.2.8, but not for my G5! Doh!
Originally posted by WJMoore
They usually take a week (if they're quick) to fix things like this.
6 days, not far off eh!
Originally posted by Xool
Lol. And they fix it for 10.2.8, but not for my G5! Doh!
I'll second that sentiment. Right there with you waiting for a G5 update...
Panther 10.3 (7b53) works great on the G5, and there is even a speed increase when going from 10.2.7 to Panther !
Still no SSH patch for my G5. In fact, now that 10.2.8 has been pulled, there's no fix for my other boxes either.