cybersecurity

4970 readers

16 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks

tweedge

Catch-22: Uncovering Compromised Hosts using SSH Public Keys | USENIX (www.usenix.org)

submitted 2 weeks ago by jstangroome to c/cybersecurity

0 comments fedilink hide all child comments

In this paper, we present a method to identify compromised SSH servers at scale. For this, we use SSH's behavior to only send a challenge during public key authentication, to check if the key is present on the system. Our technique neither allows us to access compromised systems (unlike, e.g., testing known attacker passwords), nor does it require access for auditing.

no comments (yet)

sorted by: hot top controversial new old

there doesn't seem to be anything here