Threat Level: green Handler on Duty: Bojan Zdrnja

SANS ISC: INFOcon back to green SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
INFOcon back to green

The Debian/Ubuntu SSL problem by now has sufficient media attention. Once the big security firms raise their threat level indicators, we at SANS ISC can go back to green :). 

Debian Wiki has a good (and evolving) write-up on problems and resolutions: wiki.debian.org/SSLkeys

As a reminder, all systems that contain Debian/Ubuntu generated cryptographic key material are potentially vulnerable. You need to check those "authorized_keys" files for SSH on all platforms, not just on Debian.

Daniel

367 Posts
ISC Handler
May 16th 2008

Sign Up for Free or Log In to start participating in the conversation!