VnutZ Domain
Copyright © 1996 - 2020 [Matthew Vea] - All Rights Reserved

2008-05-23
Featured Article

Brute Force Attacks on SSH

[index] [2,214 page views]
Tagged As: Cryptography, Hacking, and Security

Computer researchers at Clarkson University have provided a little more light into an adaptation of the classic brute-force attack on authentication. Many UNIX systems are considered secure because previously accessible ports and weaknesses are now hidden behind SSH tunnels. As the prevalence of SSH servers has risen, they have become more lucrative than ever for hackers to penetrate. The classic brute-force attack was relatively easy for a prudent administrator to counter, however, BOTnets allow a new technique called "slow-motion brute-force" whereupon the attack is spread across time and IP space making the attack much harder to detect. Owens' research shows the BOTnets still employ the typical popular username/password combinations in addition to what seemed to be a common dictionary list. Their conclusions include the typical good user policies and strong password enforcement but do raise the issue that many IDS configurations would miss the distributed attack.



More site content that might interest you:

Sometimes it takes video games and porn to push the technological envelope forward.


Try your hand at fate and use the site's continuously updating statistical analysis of the MegaMillions and PowerBall lotteries to choose "smarter" number. Remember, you don't have to win the jackpot to win money from the lottery!


Tired of social media sites mining all your data? Try a private, auto-deleting message bulletin board.