[62306] in North American Network Operators' Group
Re: new openssh issue
daemon@ATHENA.MIT.EDU (Avleen Vig)
Wed Sep 17 13:27:40 2003
Date: Wed, 17 Sep 2003 10:26:57 -0700
From: Avleen Vig <lists-nanog@silverwraith.com>
To: Valdis.Kletnieks@vt.edu
Cc: Richard A Steenbergen <ras@e-gerbil.net>,
William Allen Simpson <wsimpson@greendragon.com>, nanog@nanog.org
In-Reply-To: <200309161950.h8GJo6Ye020744@turing-police.cc.vt.edu>
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, Sep 16, 2003 at 03:50:04PM -0400, Valdis.Kletnieks@vt.edu wrote:
> A posting to full-disclosure quotes Theo as saying HP and Cisco are affected,
> and I don't see any reason that Juniper would *NOT* be, given the common code
> base of the OpenSSH implementations. I'm not going to say the routers are
> vulnerable, but I *would* say that ACLs blocking port 22 to the router might
> be a good idea.....
Isn't this a common practice anyway? Has been anywhere sensible I've
seen :-)
