
May 15, 2008

More SSH-Targeted Attacks, This Time for Debian et al

I noticed a spate of SSH and SSL-related updates for Ubuntu on my eeePC. Here’s why:

“The Internet Storm Center (ISC) at SANS is raising the alarm on the issue with a yellow alert on the flaw. According to ISC handler Bojan Zdrnja, the development of automated scripts exploiting key based SSH authentication looks like a real threat to SSH servers around the world. In a blog post, Zdrnja argued that public keys generated on any Debian based machine between September 2006 and 13th of May 2008 are vulnerable.

“‘It is obvious that this is highly critical — if you are running a Debian or Ubuntu system, and you are using keys for SSH authentication (ironically, that’s something we’ve been recommending for a long time),’ Zdrnja wrote. ‘In other words, those secure systems can be very easily brute forced.’

“Security researcher HD Moore, leader of the Metasploit security effort, has gone a step further, explaining in a public post how he was able to brute force 1024, 2048 and 4096-bit keys. The flaw itself exists in a Debian-specific version of the OpenSSL package, which generates the keys that are used in OpenSSH. Even though OpenSSL is widely used by other Linux distributions, it is not necessarily at risk according to Moore.”

(Link)


Posted by mhall at 7:52 PM
