根据
Internet Storm Center,似乎有一个SSH零日攻击.
这里有一些概念代码证明和一些参考:
> http://secer.org/hacktools/0day-openssh-remote-exploit.html
> http://isc.sans.org/diary.html?storyid=6742
这似乎是一个严重的问题,因此每个Linux / Unix系统管理员都应该小心.
如果这个问题没有按时修补,我们如何保护自己?或者你如何处理零日攻击呢?
*我会在回复中发表我的建议.
解决方法
Damien Miller(OpenSSH开发人员)的评论:
http://lwn.net/Articles/340483/
In particular,I
spent some time analysing a packet trace that he provided,but it seems
to consist of simple brute-force attacks.So,I’m not pursuaded that an 0day exists at all. The only evidence so far are some anonymous rumours and unverifiable intrusion transcripts.
