Re: changing root account name

From: ellipse (elliptic@cipherpunks.com)
Date: 10/31/01

Previous message: Justin Nelson: "Re: IPChains leak for UDP!?"
In reply to: R Dicaire: "Re: changing root account name"
Next in thread: Jose Nazario: "Re: changing root account name"
Next in thread: Philipp Schulte: "Re: changing root account name"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 31 Oct 2001 11:57:55 -0700 (MST)
From: ellipse <elliptic@cipherpunks.com>
To: R Dicaire <rdicaire@ardynet.com>
Subject: Re: changing root account name
Message-ID: <Pine.GSO.4.10.10110311156220.15551-100000@parabola.cipherpunks.com>

> Account passwds can be brute forced via ssh?

Absolutely. Because the protocol is encrypted over the wire doesn't
necessarily prevent an external user from connecting to the service, and
launching a brute force attack.

It's elementary to write an expect script that incorporates ssh and a
password cracker.

ellipse

Previous message: Justin Nelson: "Re: IPChains leak for UDP!?"
In reply to: R Dicaire: "Re: changing root account name"
Next in thread: Jose Nazario: "Re: changing root account name"
Next in thread: Philipp Schulte: "Re: changing root account name"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: changing root account name
... Subject: changing root account name ... On Wed, 31 Oct 2001, R Dicaire wrote: ... > Account passwds can be brute forced via ssh? ...
(Focus-Linux)
[NEWS] SSH Protocol Weakness Vulnerability (MITM)
... A weakness in the backward compatibility of the SSH Protocol has been ... SSH version 1.0) is unlikely to have the host key for the other protocol ... The SSH daemons advertise one of two major versions, ...
(Securiteam)
SUMMARY: SSH 2.5.2p2 on Tru64 4.0g
... SSH is very particular about the permissions on the $HOME/.ssh ... Always pay particular attention the the ssh SERVERs protocol usage. ... when only using the identity.pub or rsa key. ... file on the remote host to reflect the host name without domain that was ...
(Tru64-UNIX-Managers)
Re: Where do the random numbers come from?
... I'll look into ssh... ... >>just using an established protocol is that resources on my client are ... > the server is convinced of your identity, a malicious attacker in ... >>Of course you can seed the BouncyCastle random number generator with ...
(comp.security.ssh)
Re: how to react on ssh attacks?
... > I recently checked my log files of my ssh service (so far as I ... these attacks will get more sophisticated as time goes on - the ... Protocol 2,1 line in /etc/ssh/sshd_config to say Protocol 2 and then ... Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org ...
(Fedora)