SECURITY SEMINAR SERIES
Inoculating SSH Against Address-Harvesting Worms
Stuart Schechter, MIT
Thursday, 12 May 2005, 16:15
Lecture Theatre 1, William

Over the past year, attacks on SSH have compromised major supercomputing
facilities, educational institutions, and national laboratories. These
attacks have proven inadequate our current mechanisms for authenticating
users and then isolating them from each other.
I will describe the mechanisms that have been used to attack SSH and other
remote execution mechanisms, and then present data to help explain why these
attacks have been so successful. I will describe countermeasures that can be
used to make SSH more resilient to some of these attacks. However, other
attacks require us to rethink our entire approach to authenticating
ourselves to remote hosts and services and authorizing other hosts to
perform tasks on our behalf.