TechTarget

Researchers find vulnerability in common security protocol

Business networks are at risk because of vulnerabilities in a widely used security protocol.

Business networks are at risk because of vulnerabilities in a widely used security protocol.

Security researchers at the Massachussetts Institute of Technology (MIT) have highlighted the increasing danger of attacks exploiting weaknesses in the SSH (Secure Shell) protocol.

MIT warned that such attacks were likely to increase because of the widespread use of SSH in Unix- and Linux-based networks to secure remote connectivity.

The researchers found that most networks were vulnerable to a weakness involving SSH's known_hosts databases.

These databases are stored on SSH clients and include a list of remote hosts each user has previously contacted using SSH. The information includes hosts' public security keys, used by SSH to create a secure connection.

The problem relates to the fact that when a client is compromised by an attacker, known_hosts databases are easy to use in targeting other hosts. 

More information on the vulnerabilities and patches to help tackle the problem are available at:

http://nms.csail.mit.edu/projects/ssh/

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close