At 09:45 08/09/01, James Ponder wrote:
>The difference is that to trojan su you need to have broken into a user
>account, but to trojan ssh you need to be root already.  

        Or just break SSH over the wire, which happened with SSHv1
long before the attack details were public (and some folks, for
example cisco, still only ship SSHv1).   One wonders whether attacks
exist on SSHv2.  There might be some, even though I haven't seen any
openly published yet.

Ran