[unisog] FYI: Debian/Ubuntu SSL/SSH vulnerability, logging issues

Russell Fulton r.fulton at auckland.ac.nz
Sun May 25 20:06:47 GMT 2008


On 24/05/2008, at 7:18 AM, Florian Weimer wrote:

> * Michael Holstein:
>
>> Even better, you can test over the network for it.
>>
>> Use "debian_ssh_scan_v4.py" from : http://itsecurity.net/
>> You'll need the latest Paramiko module : http://www.lag.net/paramiko/
>
> I wish it were that easy.  This way, you only find weak host keys.   
> But
> weak user keys are the main problem. 8-(

Yes, but hosts with weak keys are very likely to have users with weak  
keys so it reduces the scale of the problem to something manageable.   
Yes, I know that user keys  may get copied around but this provides a  
good starting point to tracking them down.

Russell


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2503 bytes
Desc: not available
Url : http://lists.sans.org/pipermail/unisog/attachments/20080526/72dfd4d3/attachment.bin 


More information about the unisog mailing list