[ILUG] Security (Telnet vulnerability & Password cracking)

ajh ajh-lists-ilug at devfoo.net
Thu May 10 15:15:39 IST 2001 

* John A. Kinsella (John.Kinsella at ul.ie) [010510 14:41]:
> 1) Is there a way to make ssh easy to use in the following environment: I
> move from classroom to classroom here & often run up telnet under Win* to
> connect to my Linux box

Do you have a common share that you could store a program like putty
[1]. It is pretty small in size. You could also try using mindterm[2] which
is a java ssh client and can run in a browser. 

> (e.g. to copy files across to a smb share).

You could use pscp[3] to do this.

> If I switch to ssh, do I have to carry keys round on a floppy?

Nope, first time you connect you'll be asked to confirm that the hostkey
is correct. It will then store this locally. It might be wise
to remember the fingerprint and delete the stored copy when you are
finished. This stops anyone getting your password by pretending to be
your linux box, ie. a man in the middle attack by changing the locally
stored key when you are not around.

You will still have a problem with keyboard loggers and shoulder surfing
when putting your password in. If you own some PDA, a lot of them have
apps to implememt one touch pad functionality[4]. This may also be a
good idea.

> 2)	Is my Linux passwd file really vulnerable to a password cracker
> (not a dictionary attack, but genuine decryption)?

The password file cannot be decrypted as such, this encryption used is a
one way hash, but a value that when hashed gives the same as the stored
value can be found. But brute force attacks like this are pretty
expensive even when using the standard UNIX crypt() function. A lot of
distros are also using other encryption methods like md5 which is even
more processor expensive to brute force. Having a policy/procedure of
regular password changes will solve this.

> Presumably this doesn't matter if I use ssh?...

Someone could in theory brute force logins using every possible
combination, but there are always easier ways, especially in a college
network of getting elevated access.

[1] http://www.chiark.greenend.org.uk/~sgtatham/putty 
[2] http://www.mindbright.se/mindterm
[3] http://www.chiark.greenend.org.uk/~sgtatham/putty
[4] http://palmkey.sourceforge.net/

More information about the ILUG mailing list