SSH miseries - it's time to break out the firewallNov 04, 1998, 11:44 (1 Talkback[s])
By Dave Whitinger
Like it or not, if you are using ssh, you could very well be vulnerable to an unknown remote root-exploit. Despite alleged false statements about vulnerabilities (posted to the BUGTRAQ mailing list), it will be extremely un-wise to continue to allow ssh access to all hosts on the Internet.
Aleph One (moderator of BUGTRAQ) suggests:
"All persons that have examined the ssh code so far have found it to be secure (so far). If you require a safety net to sleep well at night while running sshd I recommend you recompile it with the StackGuard compiler (if you are running on a x86 or want to port it).
Failing this, you may consider using some simple firewall rules to disallow ssh access except to known (and trusted) hosts. If you need a script to do this, just let us know and we'll try to help.