RE: Query related to "Plaintext Recovery Attack Against SSH"
- From: "Marc Serra" <MSerra@xxxxxxxx>
- Date: Thu, 5 Feb 2009 08:35:37 +0100
For the second option you can install 'fail2band', when a maximum of retrys arribes that ip is banned for a time what you was defined.
I have it installed since two years ago, and work's great!
-----Mensaje original-----
De: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx] En nombre de K R Venkateshan
Enviado el: miércoles, 04 de febrero de 2009 8:35
Para: secureshell@xxxxxxxxxxxxxxxxx
Asunto: Query related to "Plaintext Recovery Attack Against SSH"
Narayana Smaranas,
I read the OpenSSH security advisory about "Plaintext Recovery Attack". But I was not able to get a clear picture of the same.
Can someone explain in detail about this "Plaintext Recovery Attack against SSH" ?
From the above advisory, it appears that there are two approaches that could be adopted, as a solution to this vulnerability;
By enabling of CTR-mode ciphers only.
or
By configuration of connection retries.(Can somebody provide more details)
If the second approach of connection retries is to be adopted, what is the proposed solution ?
Narayana Smaranas,
Venkatesha.
Add more friends to your messenger and enjoy! Go to http://messenger.yahoo.com/invite/
Marc Serra - OiS
mserra@xxxxxxxx
<img>
Manxa 1901 S.L.
Ctra. Les Tries 85
17800 Olot (Girona)
Telf: +34 972 27 64 99
www.manxa.es
- Prev by Date: Re: 5.1p1 and X11 forwarding failing
- Next by Date: gets "failed password" when scripts are ssh'ing into server, but when I manually ssh in it works fine???
- Previous by thread: Query related to "Plaintext Recovery Attack Against SSH"
- Next by thread: gets "failed password" when scripts are ssh'ing into server, but when I manually ssh in it works fine???
- Index(es):
Relevant Pages
|
