HACKarandas

I got to confess that I am a big podcast fan and one I am fond of is PaulDotCom – Security Weekly (I also hear it while I am jogging) So when I read in the blog the Mark Baggett’s post: Capturing SSH V1 & V2 Credentials with a MitM ssh honeypot I just feel like “I have to try it”. So I did and wrote this presentation for Sm4rt Security Services’ Tech Day, but I wanted to go further so I wrote it in a way that can be useful for the Pentesters and the Information Security Officers in the company.

In the first part I talk about some basic concepts about SSH then I got for the hacking part so I give a demonstration based on the Mark Baggett’s post and I finish giving come SSH security tips based on my experience and some articles I found on Internet. I hope you found it interesting.

You can download it from here:

SSH Hacking and Good.Practices by Adrian Puente Z. (PDF Presentation)

Please visit my other Hacking Projects o Security Articles.

If you have something valuable to add to this presentation, please leave your comment.

References:

• Secure Shell from Wikipedia, the free encyclopedia
• Red Hat Linux 9: Red Hat Linux Reference Guide, Chapter 18. SSH Protocol
• Capturing SSH V1 & V2 Credentials with a MitM ssh honeypot by Mark Baggett
• Top 20 OpenSSH Server Best Security Practices
• Key-Based SSH Logins With PuTTY

Adrián Puente Z.

Technorati Tags:
Adrian Puente Z. hackarandas SSH hacking Man in the Middle Best Practices Security