[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[no subject]

http://metasploit.com/users/hdm/tools/debian-openssl/

In case you don't care to follow that link, it's a link to a tool that
will generate all possible SSH keys based on the openssl PRNG used by
debian.
-Aaron


> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > A recently released security announcement affects Debian and
> > Debian-derived
> > systems (Ubuntu, Knoppix, etc).  The primary risk posed by this
> > vulnerability is to SSH host keys, though SSL and OpenVPN keys are also
> > at-risk.
> >
> > We have seen a significant increase in scanning for vulnerable systems,
> > and
> > several exploits are now publicly available.
> >
> > Anyone running Debian or one of its derivatives is urged to patch and
> > regenerate SSH/SSL/VPN keys as necessary.  For more information:
> >
> > <http://www.debian.org/security/2008/dsa-1576>
> >
> > Starting tomorrow (Friday, 16 May) we will be scanning campus for
> > vulnerable SSH instances.  This scanning takes the form of a single SSH
> > connection from either secutil1.cit.cornell.edu or
> > secutil2.cit.cornell.edu.  This will allow us to compare the signature of
> > the host key in use to a published list of weak keys.  Where applicable,
> > netadmins will be notified of vulnerable systems.
> >
> > Wy
> >
> >
> > Wyman Miles
> > Manager, Security Engineering
> > Cornell University, Ithaca, NY
> > (607) 255-8421
> > -----BEGIN PGP SIGNATURE-----
> > Version: Mulberry PGP Plugin v3.0
> > Comment: processed by Mulberry PGP Plugin
> >
> > iQA/AwUBSCyMAcRE6QfTb3V0EQJyogCfaPGh2JzIgVNBBN1sh03WUbw8TC0AnjtH
> > WBW4QG8bJvDLWMV1ucaN9gz0
> > =6Igh
> > -----END PGP SIGNATURE-----
> >
> >
> > * * * * * * * * * *
> >
> > Net-Admin-L: A forum for network administrators and technology support
> > providers at Cornell University
> >
> > Related Wikis: <https://confluence.cornell.edu:443/display/TSPFORUM/> and
> > <https://confluence.cornell.edu/display/NETADMINWIKI/>
> >
> > CIT TSP Support Channel: 607-255-8690 or 
> >
>   


Aaron Wade, CCE
IT Security & Infrastructure
Engineering Information Technologies
Cornell University
mobile:607.227.1067
office:607.254.2721


* * * * * * * * * *

Net-Admin-L: A forum for network administrators and technology support providers at Cornell University

Related Wikis: <https://confluence.cornell.edu:443/display/TSPFORUM/> and <https://confluence.cornell.edu/display/NETADMINWIKI/>

CIT TSP Support Channel: 607-255-8690 or

Prev by Date: re: Secrurity Alert (from net-admin-l)
Next by Date: [Fwd: LinuxQuestions.org - Community Bulletin]
Previous by thread: re: Secrurity Alert (from net-admin-l)
Next by thread: [Fwd: LinuxQuestions.org - Community Bulletin]
Index(es):
- Date
- Thread