
Re: Probable SSH Vulnerability



On Tue, Jun 17, 2003 at 09:45:28PM +0200, Florian Weimer wrote:
> Tim Peeler <thp@linux00.LinuxForce.net> writes:
> 
> > I've done some research and have seen reports on several "kits"
> > available to exploit the SSH1 protocol.
> 
> Can you send me a few links?  I can only remember attacks which
> required (a) eavesdropping, (b) huge amounts of traffic (you would
> have noticed it), (c) or cooperation of the user (not checking server
> fingerprints) and traffic redirection using DNS.

We actually did notice huge amounts of traffic on the first 2 servers,
but were so busy trying to repair those that the next few went
unnoticed.  Here are some links to analyses (not the "kits"):

http://staff.washington.edu/dittrich/misc/ssh-analysis.txt
http://www.ciac.org/ciac/techbull/CIACTech02-001.shtml

As we have yet to see any indication that this is related to the crc32
compensation detector, I'm finding it more and more difficult
to believe that this was truly the problem.  We are very confident
that this was not due to stolen keys though (at least the initial
server).

> 
> >> manipulation capabilities.  If the edge networks are trustworthy, you
> >> face a very powerful adversary.  Why do you think you are so special?
> >
> > Does there have to be a reason?  How about: some script kiddie
> 
> As I wrote in my other message, WAN eavesdropping is not exactly the
> thing script kiddies do.

This is true, but /if/ (for the sake of argument) /if/ this version of
ssh is still vulnerable to these crc32 exploits, it would be trivial
for a script kiddie to break in.

> 
> > We are still looking at a problem with SSH2 as well, since at least
> > one of the servers that was attacked used only SSH2.  The attack
> > on these servers could have been due to a stolen key, but not likely.
> 
> You should try to obtain Debian media in known-good state and
> reinstall from scratch.  Be very careful when restoring the backup...


This procedure is already underway. :-)
