Home > Security News > Linux systems actively targeted using SSH key attacks
Security News:
EMAIL THIS

Linux systems actively targeted using SSH key attacks

By SearchSecurity.com Staff
27 Aug 2008 | SearchSecurity.com

Security Wire Daily News
Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google

The United States Computer Emergency Readiness Team (US-CERT) is warning Linux users that they are being actively targeted by attackers using stolen SSH keys.

Secure Shell keys lock down communication between two networked devices. They are often used for remote authentication.

Once a Linux system is compromised, the attacker gains access to the kernel and installs a new rootkit known as Phalanx2, US-CERT said in its advisory. Phalanx2 is configured to swipe additional SSH keys from the compromised system.

US-CERT is advising system administrators to examine systems where SSH keys are used, review access paths to internet facing systems and ensure that systems are fully patched.

John Bambenek a vulnerability handler with the SANS Internet Storm Center said the biggest defense is to use a passphrase with keys for remote authentication and Internet facing machines.

"Sources of compromised keys could include the weak key vulnerability in Debian-based systems a few months ago, so if you haven't updated and replaced those keys, you ought to do so now," Bambenek said in the SANS Internet Storm Center Diary.



Tags: Emerging Information Security ThreatsAlternative OS security: Mac, Linux, Unix, etc.Malware, Viruses, Trojans and SpywareVIEW ALL TAGS

Digg This!    StumbleUpon Toolbar StumbleUpon    Bookmark with Delicious Del.icio.us    Add to Google



RELATED CONTENT
Emerging Information Security Threats
Leverage Google Attacks to Improve Cybersecurity
SCADA system, critical infrastructure security lacking, survey finds
Preparing for future security threats, evolving malware
Facebook attacks prompt investments in social networking security
Information security podcasts: 2009 archive
Hathaway calls for international cybercrime task force
Active PDF attacks target Reader, Acrobat zero-day vulnerability
Sites hit with massive automated SQL injection attack
Cybercriminals invest in social networking attacks
Best practices for (small) botnets

Alternative OS security: Mac, Linux, Unix, etc.
Is New Google Chromium OS a Security Game-Changer?
What are the Mac OS X Snow Leopard antivirus features?
Machiavelli Mac OS X rootkit unveiled at Black Hat
How secure is 'Platform as a Service (PaaS)?'
Security comparison: Mac OS X vs. Windows
Mac OS memory flaws pose challenges for enterprise endpoint protection
Rootkit Hunter demo: Detect and remove Linux rootkits
Oracle to buy Sun Microsystems for $7.4 billion
How to harden Linux operating systems
Serious holes in Mac OS X memory, researcher shows
Alternative OS security: Mac, Linux, Unix, etc. Research

Malware, Viruses, Trojans and Spyware
Malware in Google attacks uses spaghetti code
Preparing for future security threats, evolving malware
Facebook attacks prompt investments in social networking security
Another PDF attack targets Adobe zero-day vulnerability
Security report finds rise in banking Trojans, adware, fewer viruses
How to prevent rogue antivirus programs in the enterprise
How to stop keylogging malware with more than basic antivirus software, firewalls
Conficker-infected machines now number 7 million, Shadowserver finds
FBI estimates rogue antivirus losses exceeding $150 million
Security researchers continue hunt for Conficker authors

RELATED GLOSSARY TERMS
Terms from Whatis.com − the technology online dictionary
DNS rebinding attack  (SearchSecurity.com)
drive-by pharming  (SearchSecurity.com)
JavaScript hijacking  (SearchSecurity.com)
man in the browser  (SearchSecurity.com)
phlashing  (SearchSecurity.com)
polymorphic malware  (SearchSecurity.com)
pulsing zombie  (SearchSecurity.com)

RELATED RESOURCES
2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
Search Bitpipe.com for the latest white papers and business webcasts
Whatis.com, the online computer dictionary



More Tips to Secure Your Network
TechTarget Security Media
Information Security View this month\\'s issue and subscribe today.
Information Security Decisions Apply online for free conference admission.
SearchSecurity.com
HomeNewsMagazineMultimediaWhite PapersLearningAdviceTopicsEventsAbout Us
SEARCH :     Site Index Powered by: Search Powered by Google

About Us  |  Contact Us  |  For Advertisers  |  For Business Partners  |  Site Index  |  RSS
TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.

TechTarget Corporate Web Site  |  Media Kits  |  Site Map




All Rights Reserved, Copyright 2003 - 2010, TechTarget | Read our Privacy Policy 		  TechTarget - The IT Media ROI Experts