|
|
ÊAdvertise ÊContact ÊSecurityWatch |
| Ê Articles | Editorials | Reviews | News | InfoSec Directory | Releases | Submit PR |
|
GFI MailArchiver for Exchange - Easily archive Exchange Server mail & comply with Sarbanes Oxley - Free evaluation available. Network Security Software - Sponsored by GFI Network Security. 
|
Inoculating SSH Against Address-Harvesting Worms
Added: Thursday, 12 May 2005 Publisher: MIT Category: Network Security Address harvesting is the act of searching a compromised host for addresses of other hosts to attack. Secure Shell (SSH), the tool of choice for administering and communicating with mission-critical hosts, securitycritical hosts, and even some routers, leaves each user’s list of previously contacted hosts open to harvest by anyone who compromises the user’s account. Attackers have combined address harvesting with myriad mechanisms for impersonating a host’s legitimate users to obtain a remote shell via SSH. They have succeeded in breaching systems at major academic, commercial, and government institutions. In this paper, we detail the threat posed should attackers automate this mode of attack to create a self-propagating worm. Download | InfoSec Directory |
Monday, May 23, 2005 Network Security
 Wireless Security
InfoSec Directory
 Press Releases |
| ÊCopyright © 2000 - 2005 eBCVG IT Security | Affiliates :: RSS feeds :: PrivacyÊ |
Ê