Skip to content

Posts tagged ‘openssh’

1
Sep

Kernel.org Compromised, OpenSSH Source Not Backdoored

Kernel.org, the primary site for the Linux kernel source, was compromised sometime in August. It is believed that the attackers gained access using compromised user credentials, and then escalated their privileges to root. Early pieces of information implied that some OpenSSH source code was stored on the compromised Kernel.org server(s), apparently this may not be the case. So far the investigation has found that several modifications were made to the compiled OpenSSH client and server binaries running on the system to log user activity. The full extent of the changes is not yet known, and nobody has yet come forward to claim this hack.

If you’ve installed or updated your kernel or OpenSSH recently, you may want to reinstall from a known good version, although it is not yet known if any kernel sources were modified. Although in this case OpenSSH wasn’t compromised, admins can consider running some form of Single Packet Authorization, such as fwknop, as an additional layer of protection for your SSH server against these kinds of issues (backdoors) and other potential future 0days.

Hopefully more info will come to light as the investigation progresses. Hit the jump for more details.

Read moreRead more

15
May

Mitigating SSH Vulnerabilities Using Single Packet Authorization

Note: This is a 2008 post I managed to recover from my archive of Securethoughts.net

This past week has seen a bit of activity on the SSH security front. To begin with, on Tuesday (13/05/08) Linux distributions Debian and Ubuntu announced that due to a flaw in the random number generator used to generate cryptographic keys used by OpenSSL, OpenSSH and OpenVPN, making these keys far more predictable than they should be, and can be discovered by performing a brute force attack. This is particularly true of the encryption keys used by OpenSSH. HD Moore of the Metasploit project has created a page cover these vulnerabilities, with links to tools that can be used to check for weak keys, as well as key blacklists.

Coincidentally, on Wednesday (14/05/08) a number of network administrators issued warnings of increased brute force and dictionary attacks on systems running SSH. It is believed, however, that these increased attacks are most likely unrelated to the vulnerabilities disclosed in SSH the day before.
As a result of the vulnerability disclosures, users of Ubuntu and Debian systems are not only strongly encouraged to update their software, but also delete all cryptographic keys generated between September 2006 and the 13th of May 2008, and re-generate new keys. Some Debian system administrators, whose systems make significant OpenSSH and OpenVPN, frantically trying to determine which systems are vulnerable and where new keys need to be generated.
As you can expect, due to the nature of services like SSH, it is quite a crucial service to keep secure. Doing so is potentially a complex task due to brute force/dictionary attacks, weak key attacks, and 0day exploits. This is one area in particular where Single Packet Authorization (SPA) excels.
SPA is a method for keeping a host’s firewall completely closed down until a valid authorization packet is received, which will then allow the authorized client to connect during a very short timeframe. As such, an attacker cannot even reach the SSH daemon in order to carry out the attacks mentioned above. This would give system administrators a lot more breathing room for carrying out updates, re-generating keys, etc. It essentially adds an extra layer of security, and adds to the concept of defense-in-depth which is an important part good all-round security.

A very robust implementation of SPA is the Firewall Knock Operator (fwknop), developed in Perl by Michael Rash, which includes features such as replay-protection. I’ll be posting a tutorial on setting up fwknop on OS X very soon. Aldaba, another implementation by Luis Martin Garcia, is written entirely in C, and offers similar functionality to fwknop. Finally the latest implementation that has come to my attention in the past few days is “Ramius“, written entirely in Bash by John Brendler. Although I have not tested it yet, it’s good to see new implementations using readily-available tools.

css.php