I know this was already mentioned but as an ISP we have seen an increase
in suspicious traffic surrounding this. Upgrade immediately or disable
access from untrusted IPs to SSH services.
Just wanted to give everyone a reminder about the SSH vulnerability
today. If you haven't seen the news there is a remotely exploitable
vulnerability in some of the buffering offset code.
The debian bug report has a great deal on info in it
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=211205
It has been said that redhat, debian, and gentoo were affected. Our
testing indicates many other systems as well. It it vital that this be
upgraded immediately.
Sincerely,
David Uhlman
CTO 50KM Inc.
(text/plain)