Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

CIACTech02-001: Understanding the SSH CRC32 Exploit

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) CIACTech02-001: Understanding the SSH CRC32 Exploit
# 1  
Old 12-24-2007
CIACTech02-001: Understanding the SSH CRC32 Exploit
In recent months, many servers running ssh have been compromised using the SSH CRC32 Compensation Attack Detector. Compromised machines have either not been upgraded to SSH protocol 2 or have not disabled drop back to SSH protocol 1. Use of this attack allows a remote user to gain root access on a server.


More...
Login or Register to Ask a Question

Previous Thread | Next Thread

4 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

List all files with prepended CRC32 (or other) hash code?

I would like to list all files in a directory tree but with a prepended digest hash code (like CRC32). CRC32 is not a MUST. If suitable another hash code can be used as well. In case of CRC32 the listing should look like 3765AC \usr\bin\spool 23CE99 \usr\bin\spool\list.h ... 11AA04... (3 Replies)
Discussion started by: pstein
3 Replies

2. UNIX for Dummies Questions & Answers

cksum does not give me crc32

Is cksum the right command to calculate the crc32 checksum value? I tried it for a number of files now and every time the results dont match. So there is nothing wrong with the file. Also, cksum gives me an all numerical value while crc32 is alpha numeric. What am I doing wrong? Thanks (9 Replies)
Discussion started by: utamav
9 Replies

3. UNIX for Advanced & Expert Users

cksum's and zip's CRC32 algorithm

Hello! For long I used cksum to find file duplicates in linux and darwin. Now I want to make my own program that does all. However I can't seem to find the correct algorithm. zip and cksum claim to use the same algorithm, but the computated sums are not the same. I've already written an... (4 Replies)
Discussion started by: regnevakrad
4 Replies

4. Programming

crc32 info

hello again, does anyone know where i can find some detailed info about the cyclic redundancy check? thx (2 Replies)
Discussion started by: crashnburn
2 Replies
Login or Register to Ask a Question

LEARN ABOUT SUSE

ssh-keysign

SSH-KEYSIGN(8)						    BSD System Manager's Manual 					    SSH-KEYSIGN(8)

NAME

     ssh-keysign -- ssh helper program for host-based authentication

SYNOPSIS

     ssh-keysign

DESCRIPTION

     ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication with
     SSH protocol version 2.

     ssh-keysign is disabled by default and can only be enabled in the global client configuration file /etc/ssh/ssh_config by setting
     EnableSSHKeysign to ``yes''.

     ssh-keysign is not intended to be invoked by the user, but from ssh(1).  See ssh(1) and sshd(8) for more information about host-based authen-
     tication.

FILES

     /etc/ssh/ssh_config
	     Controls whether ssh-keysign is enabled.

     /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_rsa_key
	     These files contain the private parts of the host keys used to generate the digital signature.  They should be owned by root, read-
	     able only by root, and not accessible to others.  Since they are readable only by root, ssh-keysign must be set-uid root if host-
	     based authentication is used.

SEE ALSO

     ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)

HISTORY

     ssh-keysign first appeared in OpenBSD 3.2.

AUTHORS

     Markus Friedl <markus@openbsd.org>

BSD
								   May 31, 2007 							       BSD