Network World

research center:

Applications
Search / DocFinder:
Advanced search
Home
Research Centers
Applications Convergence / VoIP LANs / Routers Network Management Network Storage Operating Systems Security Servers / Data Center Small / Med. Business Wide Area Network Wireless / Mobile
News Events Buyer's Guides
Vendor Solutions
White Papers Special Reports Webcasts Partner Sites  -Secure Routing  -ProCurve Networking  -Enterprise Security  -Software Dimension  -Application Acceleration  -IT Agility  -Networking Solutions
Site Resources
Product Tests Buyer's Guides NEW Video Library Demo.com Careers Newsletters This Week in Print Opinions Blogs Podcasts Encyclopedia Forums RSS Feeds Special Issues Network Life
About Us NW Subscription
Special Issues

Signature SeriesEnterprise All-Stars
Enterprise All-Stars NEW

You in action
You in action

New Data Center The New Data Center: Wireless & Mobility
Wireless & Mobility NEW

The New Data Center: Server Virtualization
Server Virtualization
NetworkWorld.com > Weblogs > Compendium >

Search Compendium

RSS feed

Compendium archives

SSH worms


By Adam Gaffin, NetworkWorld.com, 05/11/05

A new paper by some MIT researchers suggest it might be fairly easy for attackers to use SSH to launch lots of worms:

... We found that a surprisingly large fraction of the known hosts entries were to hosts on distant networks, that the bulk of these entries could be reached by compromising a small fraction of the user accounts in our survey, and that 62.8% of identity keys encountered were stored unencrypted. ...

But they also propose an antidote, at least for OpenSSH. Via Bruce Schneier, who says:

... While a worm of this type has not been seen since the first Internet worm of 1988, attacks have been growing in sophistication and most of the tools required are already in use by attackers. It's only a matter of time before someone writes a worm like this. ...

TrackBack
Back to Compendium

Comments

Vendor Solutions

Case Study: Security Service Credit Union
- Citrix

Newsletters
Sign up for one of NWW's newsletters.
Security Strategies
Network Systems Management
Security in Practice
Wireless News Alert
Convergence
Storage in the Enterprise
The Best of Network World
View all newsletters
Email Address:

Vendor Solutions

White Papers

Regaining Control of the Data Center
- GDCM

The State of the Internet
- Akamai

Guide to Troubleshooting Application Problems
- Fluke Networks

More...

Special Report

Clearing Today's IT Management Hurdles - GroundWork Open Source
Learn how to effectively manage your increasingly virtualized, mobile and automated IT environment in this Executive Guide. Make the best IT optimization decisions that match your IT goals. Ensure you have the most up-to-date information to make the best management choices. Download this Executive Guide now.


Research Centers: Applications | Application Development | Applications-Standards | Applications Vendor Solutions | Collaboration | CRM / ERP | Databases | Directories | Grid Computing | Java | Messaging | .Net | RFID | SOAP | Web Services | XML | Convergence & VoIP | Convergence Regulatory | Convergence Services | Convergence Standards | Convergence VoIP Vendor Solutions | Video | IP PBX | SIP | VoIP | VoIP Services | E-Business | DNS | RFID | Supply Chain | Web security LANs & Routers | Acceleration | Gigabit Ethernet | Lans-Standards | Routers | Wireless LANs | Network Management | Application Management | Desktop Management | Management Test Patch Management | Operating Systems | Linux | NetWare | Unix | Windows Outsourcing | Managed Services | Offshoring Security | Firewalls - VPN - Intrusion | Identity management | Patch Management | Microsoft Security | Privacy | Security Standards | Spam & Phishing | Viruses & worms | Web Security | Wireless Security | Servers & Desktop | Backup-Recovery | DataCenter | Desktops | Desktop Management | Grid | Servers | Server Blades | Servers Desktops | Utility Computing | Small & Medium Business | Broadband | Telework | Handhelds & PDAs | Home Networking | Security | Storage | Compliance | Infiniband | Network-Attached Storage | SANs | Storage Management | Storage Virtualization | Virtualization | Vendor News | Bankruptcy | Earnings | Lawsuits | Layoffs | Standards | Start Ups | Vendor Markets | Education | Financial | Healthcare | HIPAA | Manufacturing | Retail | Wide Area Network | Broadband | Carriers | Frame Relay | Metro Ethernet | MPLS | Service providers | Wireless services | Wireless & Mobile | Wireless LANs | PDAs & handhelds | Wireless Security | Wireless Services | Wireless Standards | Wireless Switches | All Company Profiles
IDG Network: Computerworld CSO Darwin Demo GamePro GameStar.com GamerHelp.com Infoworld
IT Careers IT World Canada JavaWorld.com LinuxWorld Macworld MacCentral.com Outsourcing World PC World Playlistmag.com