[unisog] FYI: Debian/Ubuntu SSL/SSH vulnerability, logging issues
Russell Fulton
r.fulton at auckland.ac.nz
Sun May 25 20:06:47 GMT 2008
On 24/05/2008, at 7:18 AM, Florian Weimer wrote:
> * Michael Holstein:
>
>> Even better, you can test over the network for it.
>>
>> Use "debian_ssh_scan_v4.py" from : http://itsecurity.net/
>> You'll need the latest Paramiko module : http://www.lag.net/paramiko/
>
> I wish it were that easy. This way, you only find weak host keys. But
> weak user keys are the main problem. 8-(
Yes, but hosts with weak keys are very likely to have users with weak
keys, so it reduces the scale of the problem to something manageable.
Yes, I know that user keys may get copied around, but this provides a
good starting point for tracking them down.
Russell
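
The triage order discussed in this thread, as an added example that is not part of the original message or of the scanner it mentions: audit user keys on hosts flagged for weak host keys first, then look for copies of those keys on other hosts. The inventory, blocklist, key lines and all function names are constructed for illustration; a real audit would read authorized_keys files and a published list of weak-key fingerprints.

```python
import base64
import hashlib

def fingerprint(line):
    """MD5 colon-hex fingerprint of an authorized_keys line, or None."""
    for field in line.split():
        if field.startswith("AAAA"):  # base64 key blob begins with a length prefix
            try:
                blob = base64.b64decode(field, validate=True)
            except ValueError:
                return None
            digest = hashlib.md5(blob).hexdigest()
            return ":".join(digest[i:i + 2] for i in range(0, 32, 2))
    return None

def make_key(tag):
    """Constructed stand-in for a public key line (not a real RSA key)."""
    blob = b"\x00\x00\x00\x07ssh-rsa" + tag
    return "ssh-rsa " + base64.b64encode(blob).decode() + " constructed"

WEAK_A, WEAK_B, GOOD = make_key(b"weak-a"), make_key(b"weak-b"), make_key(b"good")
# Constructed blocklist; stands in for a published list of weak-key fingerprints.
BLOCKLIST = {fingerprint(WEAK_A), fingerprint(WEAK_B)}
# Constructed inventory: host -> user -> authorized_keys contents.
INVENTORY = {
    "hostA": {"alice": WEAK_A + "\n" + GOOD + "\n"},
    "hostB": {"bob": GOOD + "\n", "carol": "# copied key\n" + WEAK_A + "\n"},
    "hostC": {"dave": WEAK_B + "\n"},
}
FLAGGED = ["hostA"]  # hosts a network scan reported as having weak host keys

def audit(inventory, hosts, blocklist):
    """Sorted (host, user, fingerprint) for blocklisted user keys on hosts."""
    hits = []
    for host in hosts:
        for user, text in inventory.get(host, {}).items():
            for line in text.splitlines():
                if line.strip() and not line.lstrip().startswith("#"):
                    fp = fingerprint(line)
                    if fp in blocklist:
                        hits.append((host, user, fp))
    return sorted(hits)

def triage(inventory, flagged, blocklist):
    """Audit flagged hosts first, then look for copies of those keys elsewhere."""
    first = audit(inventory, flagged, blocklist)
    seen = {fp for _, _, fp in first}
    others = [h for h in inventory if h not in flagged]
    return first, audit(inventory, others, seen)
```

With this constructed data, triage(INVENTORY, FLAGGED, BLOCKLIST) finds the weak key on hostA and its copy on hostB, while the weak key on hostC (whose host key was not flagged) only turns up when audit() is run over every host.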