SSH version

My Nessus scans warn me that my MT is running a version of OpenSSH older than 3.7.1 and that older versions have vulnerabilities. In total it gives me 4 warnings which are stated as being a high risk. I was just wondering: is my Nessus scan correct, or is the OpenSSH on MikroTik patched without changing the version number? I am running 2.9.46 of MT. It also warns me that connections using version 1.33 and 1.5 of the SSH protocol can be made.
Can someone shed some light on this for me?
Thx

I see constant ssh probing, but not actual successful break-ins. I would guess if the MT ssh was insecure, they’d have broken in by now. Complex software has lots of insecurities, probably related to features that are not used in MT.

While we’re on the topic, I can’t ssh from MT to newer Linux hosts. I wonder if it’s a version-related thing.

I suggest you change the default port 22.
MT is using OpenSSH.
I dunno how tough the existing OpenSSH is right now, but 2 years ago I moved to SSH.Com instead of OpenSSH because my public and well-known servers were r00t3d by an unknown hacker with the exploit I knew very well.

The SSH exploit was released by team teso for their closed members, and it will work nicely if the OpenSSH provides SSH versions 1 and 2, or where we can see “OpenSSH-1.99.xxx” when we telnet to port 22.

  • Rio.Martin -
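
The two things discussed above (a banner advertising protocol 1.99, and a scanner comparing the OpenSSH version against 3.7.1) can be checked from the identification string alone. The following is an added example, not code from any poster or from MikroTik; it follows the identification-string format in RFC 4253, takes the 3.7.1 threshold from the Nessus warning quoted in the thread, and uses constructed sample banners.

```python
import re

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments"
BANNER_RE = re.compile(r"^SSH-(\d+\.\d+)-(\S+)(?: (.*))?$")
OPENSSH_RE = re.compile(r"OpenSSH[_-](\d+)\.(\d+)(?:\.(\d+))?")
MIN_OPENSSH = (3, 7, 1)  # threshold quoted in the thread's Nessus warning

# Constructed sample banners (not captured from any real device).
SAMPLE_BANNERS = [
    "SSH-1.99-OpenSSH_2.3.0",
    "SSH-2.0-OpenSSH_3.7.1p2",
    "SSH-1.5-1.2.27",
    "220 mail ESMTP",
]


def audit_banner(line):
    """Classify one SSH identification string; returns a dict of findings."""
    m = BANNER_RE.match(line.strip())
    if not m:
        return {"valid": False}
    proto, software = m.group(1), m.group(2)
    major = int(proto.split(".")[0])
    # "1.99" means the server speaks SSH-2 and still accepts SSH-1 clients
    # (RFC 4253 section 5.1); any other 1.x is SSH-1 only.
    finding = {
        "valid": True,
        "proto": proto,
        "software": software,
        "ssh1_offered": major == 1,
        "ssh2_offered": proto == "1.99" or major >= 2,
        "openssh_version": None,
        "below_minimum": None,
    }
    v = OPENSSH_RE.search(software)
    if v:
        version = tuple(int(x or 0) for x in v.groups())
        finding["openssh_version"] = version
        # Banner comparison only: it cannot tell whether a vendor backported
        # fixes without changing the version string.
        finding["below_minimum"] = version < MIN_OPENSSH
    return finding


if __name__ == "__main__":
    for banner in SAMPLE_BANNERS:
        print(banner, "->", audit_banner(banner))
```

A result with `ssh1_offered` set is the condition behind the scanner's protocol 1.x warning; `below_minimum` reflects only what the banner claims.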

So the easiest solution will be to disable the ssh service, since I rarely log in through ssh but always use the Winbox thingy to connect.
Thanx for the info