Full Disclosure mailing list archives
Re: No Subject (re: openssh exploit code?)
From: Richard Massa <rmassa () unixboxen net>
Date: Tue, 21 Oct 2003 14:09:10 -0700
So I know of a way to patch openssh without "taking the server down", but that would improve efficiency and generally be useful knowledge to the security community so I'm not going to tell anyone about it on this full disclosure mailing list, I'd rather just flaunt my knowledge and gloat secretly how I've got everyone all huffed up about it... If YOU don't know how to do it, obviously YOU shouldn't be running openssh. because you are an idiot. Oh wait, my name isn't Mitch... Okay, I realize I'm picking nits here, but everyone is talking about "taking their systems down" to patch openssh. I realize you guys are talking in a more general sense, but you don't have to take sshd down (and sever all connected clients) to patch it. Simply install the new version by whatever method you use and kill and restart the master sshd process. Easily scriptable, no downtime required, doesn't kick anyone off, including that professor who's had his model running for 20 days remotely via ssh... -- "Sonny Bono Copyright Term Extension Act... The meaning is: No one can do to the Disney Corporation what Walt Disney did to the Brothers Grimm." -Lawrence Lessig _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: No Subject (re: openssh exploit code?), (continued)
- RE: No Subject (re: openssh exploit code?) Brent J. Nordquist (Oct 21)
- RE: No Subject (re: openssh exploit code?) mitch_hurrison (Oct 21)
- RE: No Subject (re: openssh exploit code?) Schmehl, Paul L (Oct 21)
- RE: No Subject (re: openssh exploit code?) Montana Tenor (Oct 21)
- RE: No Subject (re: openssh exploit code?) Ted Unangst (Oct 21)
- Re: No Subject (re: openssh exploit code?) Benjamin Krueger (Oct 21)
- Re: No Subject (re: openssh exploit code?) Shawn McMahon (Oct 22)
- RE: No Subject (re: openssh exploit code?) Montana Tenor (Oct 21)
- Re: No Subject (re: openssh exploit code?) mitch_hurrison (Oct 21)
- Re: No Subject (re: openssh exploit code?) Blue Boar (Oct 21)
- RE: No Subject (re: openssh exploit code?) Bassett, Mark (Oct 21)
- Re: No Subject (re: openssh exploit code?) Richard Massa (Oct 21)
- RE: No Subject (re: openssh exploit code?) Ron DuFresne (Oct 22)
- No Subject (re: openssh exploit code?) mitch_hurrison (Oct 21)
- Re: No Subject (re: openssh exploit code?) Dan Wilder (Oct 21)
- Re: No Subject (re: openssh exploit code?) Helmut Springer (Oct 23)
- RE: No Subject (re: openssh exploit code?) Robert Ahnemann (Oct 21)
- RE: No Subject (re: openssh exploit code?) Robert Ahnemann (Oct 21)
- RE: No Subject (re: openssh exploit code?) Robert Ahnemann (Oct 21)
- RE: No Subject (re: openssh exploit code?) Montana Tenor (Oct 21)
- RE: No Subject (re: openssh exploit code?) V.O. (Oct 21)
- Re: No Subject (re: openssh exploit code?) Kenneth R. van Wyk (Oct 21)
- RE: No Subject (re: openssh exploit code?) Montana Tenor (Oct 21)
(Thread continues...)