What are the contents of :

$HOME/.ssh/config

/etc/ssh/ssh_config

?

Thomas Mondoshawan Tate wrote:
> 
> On Tue, Dec 04, 2001 at 06:43:24PM -0800, Lowell Hamilton wrote:
> > That has the signature of an exploited machine.  I have seen several of
> > these with the same issues.  When people exploit the CRC-32 ssh hole,
> > the rootkits disable ssh to keep others from using the same exploit,
> > and it has the affect of locking legit users out as well.  I'm not
> > saying it's guaranteed to be it, but it is possible.  If you used any
> > redhat distribution or several others they come default with an old
> > (pre v2.9) OpenSSH which is vulnerable.
> >
> > Lowell
> 
> I built this machine from the ground up from source copies of the latest
> distributions of each package. I'm running OpenSSH_3.0p1, with protocols
> 1.5/2.0. The system was just recently installed to the outside world a few
> seconds ago, so it's not possible for it to be rooted this early. =op
> 
> --
> Thomas "Mondoshawan" Tate
> phoenix@psy.ed.asu.edu
> http://tank.dyndns.org
> 
>   ------------------------------------------------------------------------
>    Part 1.2Type: application/pgp-signature

-- 
Kevin O'Connor
 
 "People will be free to devote themselves to activities that are fun
... 
 
The GNU Manifesto - Copyright (C) 1985, 1993 Free Software Foundation,
Inc.