Re: Keyboard Interactive Attack?

I just stumbled upon this story too (on /.), and as far as I
understand it, it allows a bit simpler way to perform brute force
attacks.

If you go about bruteforcing ssh, does it really matter that much if
you do it over one or 10 tcp connections?

If you do not have an IDS (Intrusion Detection System, fail2ban or ossec
HIDS) installed and functioning, this bug does not matter all that
much. A determined attacker has this covered, regardless of the number of
kbd-interactive attempts you allow per single connection.

b.

PS: Actually I tried the proof of concept + patch provided for ssh.
OpenSSH, patched with this patch, does not even compile.

On 22 July 2015 at 21:41, Scott Neugroschl <scott_n@xxxxxxxxx> wrote:
> I read an article today about keyboard interactive auth allowing bruteforcing.
>
> I'm afraid I have minimal understanding of what keyboard-interactive really does.  What does it do, and should I have my clients set it to off in sshd_config?
>
>
> ---
> Scott Neugroschl | XYPRO Technology Corporation
> 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev@xxxxxxxxxxx
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
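
Added example (not part of the original thread, and not OpenSSH or fail2ban code): a small log check that counts failed keyboard-interactive attempts both per connection and per source address, which is the distinction the reply above turns on. The log lines are constructed; the "Failed keyboard-interactive/pam" wording, one sshd PID per connection, and both thresholds are assumptions to adjust for your own syslog format and policy.

```python
import re
from collections import Counter

# Assumed sshd syslog format for a failed keyboard-interactive attempt.
FAIL_RE = re.compile(
    r"sshd\[(?P<pid>\d+)\]: Failed keyboard-interactive/pam for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port (?P<port>\d+)"
)

def _line(pid, ip, port):
    # Helper that builds one constructed log line (hypothetical host and user).
    return (f"Jul 22 21:40:01 host sshd[{pid}]: Failed keyboard-interactive/pam "
            f"for root from {ip} port {port} ssh2")

# Constructed sample: one source makes 8 attempts inside a single connection,
# another spreads 12 attempts over 4 connections (3 each).
SAMPLE_LOG = "\n".join(
    [_line(4101, "203.0.113.7", 50112)] * 8
    + [_line(4200 + i // 3, "198.51.100.9", 40000 + i // 3) for i in range(12)]
    + ["Jul 22 21:40:09 host sshd[4300]: Accepted publickey for alice "
       "from 192.0.2.5 port 51000 ssh2"]
)

def count_failures(log_text):
    """Return (failures per (ip, pid), failures per ip)."""
    per_conn, per_ip = Counter(), Counter()
    for line in log_text.splitlines():
        m = FAIL_RE.search(line)
        if m:
            # Assumption: each connection is handled by its own sshd PID.
            per_conn[(m["ip"], m["pid"])] += 1
            per_ip[m["ip"]] += 1
    return per_conn, per_ip

def flag(log_text, max_per_conn=6, max_per_ip=10):
    """Flag connections and sources that exceed the (assumed) thresholds."""
    per_conn, per_ip = count_failures(log_text)
    noisy_conns = {k: n for k, n in per_conn.items() if n > max_per_conn}
    noisy_ips = {ip: n for ip, n in per_ip.items() if n > max_per_ip}
    return noisy_conns, noisy_ips

if __name__ == "__main__":
    conns, ips = flag(SAMPLE_LOG)
    print("connections over the per-connection limit:", conns)
    print("sources over the per-address limit:", ips)
```

The per-connection count only catches the single-connection case, while the per-address count catches the attempts spread over several connections, so a monitor that keys on source address sees both patterns once the threshold is reached.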