Technology

63672 readers

4694 users here now

This is a most excellent place for technology news and articles.

Our Rules

Follow the lemmy.world rules.
Only tech related content.
Be excellent to each other!
Mod approved content bots can post up to 10 articles per day.
Threads asking for personal tech support may be deleted.
Politics threads may be removed.
No memes allowed as posts, OK to post as comments.
Only approved bots from the list below, to ask if your bot can be added please contact us.
Check for duplicates before posting, duplicates may be removed
Accounts 7 days and younger will have their posts automatically removed.

Approved Bots

founded 2 years ago

MODERATORS

OpenSSH vulnerabilities could pose huge threat to businesses everywhere (www.techradar.com)

submitted 1 week ago by gerowen to c/technology

4 comments fedilink hide all child comments

Subtitle: Qualys finds two worrying bugs in OpenSSH

When I checked my personal rigs Debian had already released the patches and my home server had already auto updated itself.

top 4 comments

sorted by: hot top controversial new old

[–] [email protected] 9 points 1 week ago

Soo, the point is to not enable features that undermine security, like using an FQDN as a key (or source of a key) and to enable features that reduce DoS, like a connection timeout. Does not sound like bugs, just like missing default options.

It's still important to not use the affecting options.

[–] [email protected] 6 points 1 week ago

Hot take: Might be wise to adopt the security by obscurity model and go with an OS that is hardened (ideally, a formally verified microkernel like sel4) or runs in a custom VM/container with almost zero attack surface area.

[–] pHr34kY 4 points 1 week ago (1 children)

The single biggest attack vector for SSH is IPv4. Disable it and 99% of issues go away.

[–] [email protected] 8 points 1 week ago

If my isp would support ipv6, that would be great!