Information Security News mailing list archives
Researchers develop SSH cracker
From: InfoSec News <isn () c4i org>
Date: Wed, 22 Aug 2001 04:59:31 -0500 (CDT)
http://www.vnunet.com/News/1124839 By James Middleton 21-08-2001 Researchers at the University of California at Berkeley have discovered more vulnerabilities in Secure Shell (SSH) which allow an attacker to learn significant information about what data is being transferred in SSH sessions, including passwords. SSH was designed as a secure channel between two machines, based on strong encryption and authentication. But by observing the rhythm of keystrokes, and using advanced statistical techniques on timing information collected, attackers can pick up significant details. Each keystroke from a user is immediately sent to the target machine as a separate IP packet. By performing a statistical study on a user's typing patterns, and applying a key sequence prediction algorithm, the researchers managed to successfully predict key sequences from inter-keystroke timings. A password cracker program, dubbed Herbivore, was developed on the back of the research. Herbivore is capable of learning a user's password by monitoring SSH sessions. "Unfortunately, SSH is not as bullet proof as one would hope. Our attack shows that an eavesdropper can learn sensitive information about a user's data, such as passwords, over SSH," said Dawn Xiaodong Song, one of the researchers. Another vulnerability allowing remote access to SSH accounts with two character passwords was also discovered last week. A white paper, entitled Timing Analysis of Keystrokes and Timing Attacks on SSH, is available here. http://paris.cs.berkeley.edu/~dawnsong/papers/ssh-timing.pdf - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- Researchers develop SSH cracker InfoSec News (Aug 22)