
Bugtraq mailing list archives

Re: yet another OpenSSH timing leak?
From: Gianluca Varisco <giangy () techtemple org>
Date: Tue, 10 Oct 2006 00:41:25 +0200

Marco Ivaldi wrote:
> It needs expect, and target ssh hostkey must be already added. I'd be very interested in knowing the results of tests performed on other distros and configurations.


Hi Marco,

Nice to meet you :-). I tried to do this test over my 10 Mbps LAN and this is the result:

giangy () thor:~/dev$ ./sshtime calipso users.txt

a () calipso            real 9.55
root () calipso         real 9.33 <- valid user with shell
wheel () calipso        real 10.44
giangy () calipso       real 9.49
cdrom () calipso        real 9.68
burning () calipso      real 9.47
mysql () calipso        real 9.35
operator () calipso     real 9.59 <- valid user with shell
test () calipso         real 9.51 <- valid user with shell

Another test:

a () calipso            real 9.37
root () calipso         real 9.90 <- valid user with shell
wheel () calipso        real 10.66
giangy () calipso       real 9.41
cdrom () calipso        real 9.30
burning () calipso      real 10.30
mysql () calipso        real 9.47
operator () calipso     real 10.21 <- valid user with shell
test () calipso         real 10.98 <- valid user with shell
daemon () calipso       real 7.14
abcd () calipso         real 7.20


"root", "operator" and "test" are valid users with a valid shell enabled. I made this test on Slackware 11.0 (fresh installation) with OpenSSH_4.4p1. I used the default sshd_config (see http://slackware.osuosl.org/slackware-current/source/n/openssh/ for more information about the package). So, I didn't receive any timing leak in this session.

I'll try other distributions and configurations as far as possible. However, good work, Marco :-).

Best Regards,

Gianluca Varisco
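
An added example (not part of the original post, and not the sshtime script): one way to check whether listings like the two above separate the marked accounts from the rest, using an exact permutation test on the mean response time. The parser, the function names and the choice of test are assumptions of this example; it relies only on the "<- valid user with shell" marks in the post.

```python
import re
from itertools import combinations
from statistics import mean

# Listings copied from the post (whitespace normalised); the archive shows "@" as " () ".
RUN1 = """a () calipso real 9.55
root () calipso real 9.33 <- valid user with shell
wheel () calipso real 10.44
giangy () calipso real 9.49
cdrom () calipso real 9.68
burning () calipso real 9.47
mysql () calipso real 9.35
operator () calipso real 9.59 <- valid user with shell
test () calipso real 9.51 <- valid user with shell"""
RUN2 = """a () calipso real 9.37
root () calipso real 9.90 <- valid user with shell
wheel () calipso real 10.66
giangy () calipso real 9.41
cdrom () calipso real 9.30
burning () calipso real 10.30
mysql () calipso real 9.47
operator () calipso real 10.21 <- valid user with shell
test () calipso real 10.98 <- valid user with shell
daemon () calipso real 7.14
abcd () calipso real 7.20"""
LINE = re.compile(r"^(\S+) \(\) \S+\s+real\s+([\d.]+)\s*(<-\s*valid)?")

def parse(listing):
    """Return [(user, seconds, marked_valid)] for each result line."""
    rows = (LINE.match(l.strip()) for l in listing.splitlines())
    return [(m[1], float(m[2]), m[3] is not None) for m in rows if m]

def gap(times, picked):
    """Mean time of the picked indices minus mean time of the rest."""
    rest = [t for i, t in enumerate(times) if i not in picked]
    return mean(times[i] for i in picked) - mean(rest)

def leak_test(listing):
    """Exact permutation test: (observed gap in s, two-sided p-value)."""
    rows = parse(listing)
    times = [t for _, t, _ in rows]
    valid = tuple(i for i, r in enumerate(rows) if r[2])
    observed = gap(times, valid)
    # Relabel every possible set of len(valid) users as "valid" and compare.
    gaps = [gap(times, c) for c in combinations(range(len(times)), len(valid))]
    extreme = sum(abs(g) >= abs(observed) - 1e-9 for g in gaps)
    return observed, extreme / len(gaps)

if __name__ == "__main__":
    print(leak_test(RUN1), leak_test(RUN2))
```

Both listings give p-values above 0.05, so the marked accounts are not separable from the rest on these samples.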

