eefsee writes: sans.org reports 'Over the past 24 hours we've had a number of readers tell us that there is an OpenSSH exploit in active use.' It is not clear if this is a real exploit or sysadmin CYA masquerading as exploit, but some web hosts have already turned of SSH in response. On 7/5 HostGator shut down SSH on all its shared servers. Site5 did the same thing the next day. The loss of SSH, of course, kills SFTP on these hosts as well, forcing customers to fall back on FTP. Now that is security!