OpenSSH - The coast is clear. For now.

Remember, this was all rumor to begin with. Analysis of the logs has pretty much proven that they were just doctored to look like something new. This was just a vanilla brute-force attack tool.

The ISC wants everyone to quit spreading FUD. I agree.

I am still uneasy about strange OpenSSH bastardizations with old code being used as "enterprise" SSH implementations, and I still think that creating Google Alerts RSS feeds and pumping them into Google Reader is a great way to track the development of rumors or any kind of breaking news.

blog comments powered by Disqus