[prev in list] [next in list] [prev in thread] [next in thread] 

List:       secpapers
Subject:    ScanSSH - Scanning the Internet for SSH Servers
From:       aleph1 () securityfocus ! com
Date:       2001-12-04 2:37:18
[Download RAW message or body]

"ScanSSH - Scanning the Internet for SSH Servers",
Niels Provos and Peter Honeyman, 16th USENIX Systems Administration
Conference (LISA). San Diego, CA, December 2001.

SSH is a widely used application that provides secure remote login. It uses 
strong cryptography to provide authentication and confidentiality. The IETF 
SecSH working group is developing SSH  v2, an improved SSH protocol that 
fixes cryptographic and design flaws in the SSH v1 protocol. SSH v2 
compatible server software is widespread.

Recently discovered security flaws make it critically important to find 
vulnerable SSH servers and update them. In this paper, we describe a method 
to determine with good precision how many servers supporting the various 
protocol version have been deployed on the net.

We describe the design and implementation of Scan SSH, a scanner that 
probes SSH servers for their software version, and discuss the results of 
scanning the Internet and our local networks for several months.

http://www.citi.umich.edu/techreports/reports/citi-tr-01-13.pdf   

-- 
Elias Levy
SecurityFocus
http://www.securityfocus.com/
Si vis pacem, para bellum

[prev in list] [next in list] [prev in thread] [next in thread]