- Training
- Training Live Events
- Training Without Travel
- SANS Courses
- Certified Instructors
- Career Roadmap
- Training Calendars
- SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- SANS Onsite
- SANS SelfStudy
- SANS Partnership Series
- SANS Workshop Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
the most trusted source for computer security training, certification and research
One Incident Of Remediating The CRC 32 sshd1 Vulnerability
- Abstract
- The purpose of this paper is to document the process I used to respond to the CRC32 sshd1 vulnerability. My operating environment is primary Solaris and Linux, with a small percentage of HPUX and OpenBSD. Most systems are behind a corporate firewall, but a few are on the internet and used as data transfer points. This is only the process I used, and not the only acceptable response. I will document the four steps I used and my results. The four steps consisted of: 1) Being informed of the vulnerability; 2) Researching the vulnerability and possible ways to remediate it; 3) Deploy the fix; 4) Test the fix.