
OpenSSH owned?

Monday, July 20th, 2009
A group called “the anti-sec movement”, which claims credit for hacking ImageShack about two weeks ago, as well as astalavista.com, may have found the holy grail of exploit code: a remote exploit for OpenSSH.

OpenSSH is an open source client/server protocol that replaced telnet (an unencrypted remote management tool). It’s what system administrators use to log in to their Unix computers, phone switches, power management tools, serial consoles, routers, etc. It’s been running in public for so long that people trust it.

In fact, in many cases it is much like a door to a house, just out there on the street and if you have the right keys, you can come in.

The anti-sec movement has announced that in 48 hours they will release code which allows you to open any door on the Internet (if it’s visible).

“Soon, the very foundations of Information Technology and Information Security will be unearthed as millions upon millions of systems running ANY version of OpenSSH are compromised by wave after wave of script-kiddie and malicious hacker.”

This type of hype happens every now and then, especially around the time of DEFCON (a large hacker conference in Las Vegas). It could be, and most likely is — FUD.


In fact, if it’s not FUD… use your uber cool 0-day sploit to hack my server please! blyon@blyon.com port 22. Prove it!

SANS also thinks it is FUD and they just put out a release about the “exploit”. Sounds like they feel it’s most likely a brute force user attack, which is pretty basic, old, and boring.

If it is real, anti-sec said they will also be “unleashing powerful computer worm source code with the ability to automatically find and compromise systems running any and all versions of OpenSSH.”

Meanwhile: filter SSH, turn it off if you don’t know what it is, change the default port from 22 to something else, or enable TCP Wrappers.
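A quick way to check whether a host already has two of the mitigations above in place (a non-default port and a TCP Wrappers default-deny rule), as an added example that is not part of the original post. The function names, directory layout and file contents are constructed for illustration; on a real system the files typically live at /etc/ssh/sshd_config and /etc/hosts.deny.

```shell
#!/bin/sh
# Added example: audit config files for the mitigations listed above.
# All file contents below are constructed samples, not from a real host.

# Ports sshd will listen on per sshd_config (keywords are case-insensitive;
# no Port directive means the default, 22). Ignores ListenAddress host:port.
ssh_ports() {
  awk 'tolower($1) == "port" { print $2; n++ } END { if (!n) print 22 }' "$1"
}

# True if hosts.deny refuses sshd to every client (TCP Wrappers default-deny).
# Note: OpenSSH dropped libwrap support in 6.7, so newer builds ignore this file.
wrappers_default_deny() {
  grep -Eiq '^[[:space:]]*(sshd|ALL)[[:space:]]*:[[:space:]]*ALL' "$1"
}

# $1 = directory holding sshd_config and hosts.deny; prints a one-line summary.
audit_ssh() {
  if ssh_ports "$1/sshd_config" | grep -qx 22; then p="port22=yes"; else p="port22=no"; fi
  if wrappers_default_deny "$1/hosts.deny"; then w="default_deny=yes"; else w="default_deny=no"; fi
  echo "$p $w"
}

demo=$(mktemp -d) && trap 'rm -rf "$demo"' EXIT
mkdir "$demo/before" "$demo/after"

# Constructed "before": stock config (Port commented out), nothing filtered.
printf '#Port 22\n' > "$demo/before/sshd_config"
: > "$demo/before/hosts.deny"

# Constructed "after": moved port, wrappers admit one admin network only.
printf 'Port 2222\n' > "$demo/after/sshd_config"
printf 'sshd: ALL\n' > "$demo/after/hosts.deny"
printf 'sshd: 192.0.2.0/255.255.255.0\n' > "$demo/after/hosts.allow"

echo "before: $(audit_ssh "$demo/before")"
echo "after:  $(audit_ssh "$demo/after")"
```

A commented-out `#Port 22` line still leaves sshd on port 22, which is why the "before" sample is reported as exposed on the default port.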

Let’s sit back and enjoy the show… if there is one.

Here are some useful links: