So if you’ve been following all this dumbness on the Full Disclosure mailing list, you can see that the “anti-sec” movement has been posting threats all over.

SSH, Apache, et al. 0-days.

You can’t say that they are completely untalented, because they hacked ImageShack and replaced thousands of images with their statement image. They have also released fake exploit code in several places, claiming to be the SSH 0-day, which destroys people’s data when run. Not only has “anti-sec” been posting, but so have numerous fakes.

It’s like 4chan out there. They are anonymous and they are doing it for the lulz. Don’t feed the trolls, folks. We did it, and we regret it.

Antisec has stated they will release the SSH 0-day in about a day from now. Please wait until someone has analyzed it before you run it (if it appears), and even then, please run it inside a virtual environment. The SSH devs will most likely patch it within 48-72 hours if it ever materializes and is real. An Nmap script will also likely be available to check for any vulnerabilities should they exist, just as there was for Conficker.

If you wish to feel safe, follow the recommendations of ISC denizens:

- Make sure SSH is updated

- Audit your own SSH password

- Lock down SSH at the hardware firewall level so that connections come only from authorized IP addresses

- hosts.deny or iptables active response

- Use a port-knocking system, especially on the SSH service

- Use Portsentry to listen on port 22 while the OpenSSH server runs on another port. Ban port 22 connections via Portsentry and iptables
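
The "hosts.deny or iptables active response" item above, sketched as an added example (not code from the original post or from ISC): it counts failed SSH password attempts per source address and emits iptables DROP rules for repeat offenders, skipping an allowlist of authorized networks. The log lines, threshold, allowlist and function names are assumptions made for illustration.

```python
import re
from collections import Counter
from ipaddress import ip_address, ip_network

# Constructed sample lines in OpenSSH's syslog format (not real log data).
SAMPLE_LOG = """\
Jul 10 03:12:01 host sshd[2211]: Failed password for root from 203.0.113.7 port 40122 ssh2
Jul 10 03:12:03 host sshd[2213]: Failed password for invalid user admin from 203.0.113.7 port 40125 ssh2
Jul 10 03:12:06 host sshd[2215]: Failed password for root from 203.0.113.7 port 40130 ssh2
Jul 10 03:13:40 host sshd[2230]: Failed password for alice from 198.51.100.20 port 51514 ssh2
Jul 10 03:14:02 host sshd[2234]: Accepted password for alice from 198.51.100.20 port 51520 ssh2
Jul 10 03:15:11 host sshd[2240]: Failed password for root from 192.0.2.44 port 60001 ssh2
Jul 10 03:15:12 host sshd[2241]: Failed password for root from 192.0.2.44 port 60002 ssh2
Jul 10 03:15:13 host sshd[2242]: Failed password for root from 192.0.2.44 port 60003 ssh2
"""

# Greedy ".*" plus the end-of-line anchor takes the LAST "from <addr> port <n>",
# so text placed in the (client-supplied) username field cannot pose as the source.
FAILED = re.compile(r"sshd\[\d+\]: Failed password for .* from (\S+) port \d+ ssh2$")

def offenders(log_text, threshold=3, allowlist=("192.0.2.0/24",)):
    """Return sorted source IPs with >= threshold failures, outside the allowlist."""
    nets = [ip_network(n) for n in allowlist]  # assumed "authorized" networks
    counts = Counter()
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue
        try:
            addr = ip_address(m.group(1))
        except ValueError:
            continue  # not an IP literal; never pass unparsed text to a firewall rule
        if any(addr in net for net in nets):
            continue  # never ban an authorized address, or you lock yourself out
        counts[addr] += 1
    return sorted(str(a) for a, n in counts.items() if n >= threshold)

def block_rules(ips, port=22):
    """Render one DROP rule per offender, using ip6tables for IPv6 sources."""
    rules = []
    for ip in ips:
        tool = "ip6tables" if ip_address(ip).version == 6 else "iptables"
        rules.append(f"{tool} -I INPUT -s {ip} -p tcp --dport {port} -j DROP")
    return rules

if __name__ == "__main__":
    print("\n".join(block_rules(offenders(SAMPLE_LOG))))
```

The script only prints the rules; review them before applying, and pass the real sshd port if the daemon has been moved off 22.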

In fashion, antisec has been nominated at the Pwnie Awards!

Pwnie for Most Overhyped Bug

Discovered by: anti-sec

The unsubstantiated reports of this vulnerability resulted in a number of rash reactions, including one ISP that decided to disable all of SSH daemons. We hope they had serial consoles for their servers.