Full Disclosure mailing list archives
Re: new ssh exploit?
From: security snot <booger () unixclan net>
Date: Mon, 15 Sep 2003 13:33:40 -0700 (PDT)
Keep in mind that the "secure" in "secure shell" only implies that the communication itself is encrypted (the same way Verisign makes your webservers secure and unhackable). It has nothing to do with the actual security of the daemon, and if you think for a second that allowing unfiltered ssh connections to your network won't get you owned, you obviously don't understand the power of zeroday. I always explain to my clients that if their networks are interesting enough to be owned, by people who have the power to own them, then there really isn't much that can be done to prevent it; we as security professionals can only sit back and deal with the post-compromise scenario when dealing with hackers. Just my two cents. - booger, the forensics wizard, champion of multiple honeynet contests ----------------------------------------------------------- "Whitehat by day, booger at night - I'm the security snot." - CISSP / CCNA / A+ Certified - www.unixclan.net/~booger/ - ----------------------------------------------------------- On Mon, 15 Sep 2003, christopher neitzert wrote:
Does anyone know of or have source related to a new, and unpublished ssh exploit? An ISP I work with has filtered all SSH connections due to several root level incidents involving ssh. Any information is appreciated. -- Christopher Neitzert - GPG Key ID: 7DCC491B
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- new ssh exploit? christopher neitzert (Sep 15)
- Re: new ssh exploit? security snot (Sep 15)
- Re: new ssh exploit? phlox (Sep 15)
- Re: new ssh exploit? Andreas Gietl (Sep 16)
- Re: new ssh exploit? Florian Weimer (Sep 16)
- Re: new ssh exploit? Michael 'Moose' Dinn (Sep 16)
- RE: new ssh exploit? Aditya (Sep 17)
- Re: new ssh exploit? Cael Abal (Sep 17)
- Re: new ssh exploit? Andreas Gietl (Sep 16)
- Re: new ssh exploit? Adam Shostack (Sep 15)
- Re: new ssh exploit? Justin Kreger (Sep 15)
- Re: new ssh exploit? Ron DuFresne (Sep 16)