1 |
On Mon, 2 Aug 2004, Dan Margolis wrote: |
2 |
|
3 |
> --[PinePGP]--------------------------------------------------[begin]-- |
4 |
> I should point out that this in no way confirms OpenSSH to be vulnerable. |
5 |
> |
6 |
> Do you run a webserver, perhaps with PHP or other risky server-side |
7 |
> scripts enabled? Do you run any other services that may be a security |
8 |
> risk (mail, database, etc)? Have you ever logged in remotely over an |
9 |
> insecure connection or from a public access computer? |
10 |
|
11 |
These are the network daemons it is running. |
12 |
|
13 |
from portage tree: |
14 |
openssh 3.8.1_p1-r1 |
15 |
postfix 2.1.1 |
16 |
|
17 |
source install: |
18 |
tpop3d 1.4.2 |
19 |
|
20 |
I don't log into the server from any public network/computer. |
21 |
|
22 |
|
23 |
-- |
24 |
gentoo-security@g.o mailing list |