>From Bruce Schneier's Cryptogram newsletter:
The Potential for an SSH Worm
SSH, or secure shell, is the standard protocol for remotely accessing
UNIX systems. It's used everywhere: universities, laboratories, and
corporations (particularly in data-intensive back office
services). Thanks to SSH, administrators can stack hundreds of
computers close together into air-conditioned rooms and administer them
from the comfort of their desks.
When a user's SSH client first establishes a connection to a remote
server, it stores the name of the server and its public key in a
known_hosts database. This database of names and keys allows the
client to more easily identify the server in the future.
There are risks to this database, though. If an attacker compromises
the user's account, the database can be used as a hit-list of follow-on
targets. And if the attacker knows the username, password, and key
credentials of the user, these follow-on targets are likely to accept
them as well.
A new paper from MIT explores the potential for a worm to use this
infection mechanism to propagate across the Internet. Already
attackers are exploiting this database after cracking passwords. The
paper also warns that a worm that spreads via SSH is likely to evade
detection by the bulk of techniques currently coming out of the worm
detection community.
While a worm of this type has not been seen since the first Internet
worm of 1988, attacks have been growing in sophistication and most of
the tools required are already in use by attackers. It's only a matter
of time before someone writes a worm like this.
This is an easy one to fix, though. One of the countermeasures
proposed in the paper is to store hashes of host names in the database,
rather than the names themselves. This is similar to the way hashes of
passwords are stored in password databases, so that security need not
rely entirely on the secrecy of the database. It solves the security
problem with no loss of functionality to the user.
The authors of the paper have worked with the open source community,
and version 4.0 of OpenSSH has the option of hashing the known-hosts
database. There is also a patch for OpenSSH 3.9 that does the same
thing. Unfortunately, the option is not turned on by default.
<http://nms.csail.mit.edu/projects/ssh/>
<http://nms.csail.mit.edu/projects/ssh/sshworm.pdf>
The fix:
<http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config>
<http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen>
<http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/hostfile.c?rev=1.
34&content-type=text/x-cvsweb-markup> or <http://tinyurl.com/8938c>
--
Neil Schneider pacneil_at_linuxgeek_dot_net
http://www.paccomp.com
Key fingerprint = 67F0 E493 FCC0 0A8C 769B 8209 32D7 1DB1 8460 C47D
Secrecy, being an instrument of conspiracy, ought never to be the
system of a regular government.
- Jeremy Bentham, jurist and philosopher (1748-1832)
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
