From: Christopher L. Barnard (cbar44@tsg.cbot.com)
Date: Fri Feb 03 2006 - 14:02:37 EST
I have a question about Sun SSH vs OpenSSH. When vulnerabilities are
discovered and an alert is sent by CERT, IW, FSISAC, SAGE, etc, it indicates
the vendor and version of software that is vulnerable. Whenever the alert
has to do with ssh, it indicates several vendors, but never Sun. My
understanding is that Sun SSH is based upon a version of OpenSSH. The fact
that Sun SSH is never mentioned in these alerts gives me the impression that
the Sun SSH is not kept up to date. So if one wants to keep abreast of
security issues with the ssh protocol, use OpenSSH and not Sun SSH?
+-----------------------------------------------------------------------+
| Christopher L. Barnard O When I was a boy I was told that |
| cbarnard@tsg.cbot.com / \ anybody could become president. |
| (312) 347-4901 O---O Now I'm beginning to believe it. |
| http://www.cs.uchicago.edu/~cbarnard --Clarence Darrow |
+----------PGP public key available via finger or PGP keyserver---------+
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:38:50 EDT