Security measures in OpenSSH
نویسنده
چکیده
This paper examines several security measures that have been implemented in OpenSSH. OpenSSH’s popularity, and the necessity for the server to wield root privileges, have made it a high-value target for attack. Despite initial and ongoing code audits, OpenSSH has suffered from a number of security vulnerabilities over its 7.5 year life. This has prompted the developers to implement several defensive measures, intended to reduce both the likelihood of exploitable errors and the consequences of exploitation should they occur. This paper examines these defensive measures; each measure is described and assessed for implementation effort, attack surface reduction, effectiveness in preventing or mitigating attacks, applicability to other network software and possible improvements.
منابع مشابه
Policy Enforced Remote Login
This document describes enhancements made to the popular OpenSSH authentication service to restrict the execution of OpenSSH processes by applying a ring-based program execution policy. We also apply a label-based mandatory access control (MAC) policy to limit a user’s login shell to run at a specific security level within the user’s authorized security clearance range. While still rudimentary,...
متن کاملPreventing Privilege Escalation
Many operating system services require special privilege to execute their tasks. A programming error in a privileged service opens the door to system compromise in the form of unauthorized acquisition of privileges. In the worst case, a remote attacker may obtain superuser privileges. In this paper, we discuss the methodology and design of privilege separation, a generic approach that lets part...
متن کاملStructuring Protocol Implementations to Protect Sensitive Data
In a bid to limit the harm caused by ubiquitous remotely exploitable software vulnerabilities, the computer systems security community has proposed primitives to allow execution of application code with reduced privilege. In this paper, we identify and address the vital and largely unexamined problem of how to structure implementations of cryptographic protocols to protect sensitive data despit...
متن کاملLocal System Security via SSHD Instrumentation
In this paper we describe a method for near real-time identification of attack behavior and local security policy violations taking place over SSH. A rational is provided for the placement of instrumentation points within SSHD based on the analysis of data flow within the OpenSSH application as well as our overall architectural design and design principles. Sample attack and performance analysi...
متن کاملDistributed Intelligence in Critical Infrastructures for Sustainable Power ENK5-CT-2002-00673 Information Security Models and Their Economics
We introduce a method, Lightweight Privilege Separation, enabling safe execution of unreliable software. Ourmethod introduces no new software vulnerabilities and is fairly easy to implement. Further-more, we show by experimentsthat the execution overhead is in the order of milliseconds per execution of the unreliable process at hand. We compare ourmethod with earlier attempts of pri...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2007