nixCraft , 5 days ago Heads up: regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server. Patch your server ASAP. https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server also see my openssh security guide for more info https://www.cyberciti.biz/tips/linux-unix-bsd-openssh-server-best-practices.html
Heads up: regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server. Patch your server ASAP. https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server also see my openssh security guide for more info https://www.cyberciti.biz/tips/linux-unix-bsd-openssh-server-best-practices.html
silvenga , 4 days ago @nixCraft do we know if fail2ban mitigates this at all (not sure when an open connection is considered and auth failure in the eyes of fail2ban)?
@nixCraft do we know if fail2ban mitigates this at all (not sure when an open connection is considered and auth failure in the eyes of fail2ban)?
h3artbl33d , 4 days ago @silvenga @nixCraft It doesn't. Not out of the box with the sshd jail.
@silvenga @nixCraft
It doesn't. Not out of the box with the sshd jail.
farcaller , 5 days ago @nixCraft that feel when you no longer have publicly-exposed ssh access. Oh well, now onto the patching.
@nixCraft that feel when you no longer have publicly-exposed ssh access. Oh well, now onto the patching.
h3artbl33d , 4 days ago @farcaller @nixCraft That feel when you run OpenBSD which had it fixed since 2001 :flan_guns:
@farcaller @nixCraft
That feel when you run OpenBSD which had it fixed since 2001 :flan_guns:
farcaller , 4 days ago @h3artbl33d @nixCraft ikr!
@h3artbl33d @nixCraft ikr!