Description:
In this video, John Strand from
PaulDotCom demonstrates the dangers of using password authentication in SSH. He used
Kippo to demonstrate how passwords can be easily captured for SSH sessions. Kippo is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.
The key takeaway from this video is to use Public Key based Authentication for SSH in order to thwart SSH password brute-forcing attacks completely.
Tags: basics ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Comments:
kippo-0.5]$ ./start.sh
Starting kippo in background...Traceback (most recent call last):
File "/usr/lib/python2.7/site-packages/twisted/application/app.py", line 626, in run
runApp(config)
File "/usr/lib/python2.7/site-packages/twisted/scripts/twistd.py", line 23, in runApp
_SomeApplicationRunner(config).run()
File "/usr/lib/python2.7/site-packages/twisted/application/app.py", line 374, in run
self.application = self.createOrGetApplication()
File "/usr/lib/python2.7/site-packages/twisted/application/app.py", line 439, in createOrGetApplication
application = getApplication(self.config, passphrase)
--- <exception caught="" here=""> ---
File "/usr/lib/python2.7/site-packages/twisted/application/app.py", line 450, in getApplication
application = service.loadApplication(filename, style, passphrase)
File "/usr/lib/python2.7/site-packages/twisted/application/service.py", line 390, in loadApplication
application = sob.loadValueFromFile(filename, 'application', passphrase)
File "/usr/lib/python2.7/site-packages/twisted/persisted/sob.py", line 210, in loadValueFromFile
exec fileObj in d, d
File "kippo.tac", line 15, in <module>
from twisted.conch.ssh import factory, keys
File "/usr/lib/python2.7/site-packages/twisted/conch/ssh/factory.py", line 21, in <module>
from twisted.conch.ssh import keys
File "/usr/lib/python2.7/site-packages/twisted/conch/ssh/keys.py", line 20, in <module>
from pyasn1.type import univ
exceptions.ImportError: No module named pyasn1.type
Failed to load application: No module named pyasn1.type
meh... i thought he bypassed the certificate error.
Still, nice demonstration.
*thumbs up*