Download SSH - Information Services and Technology

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
Document related concepts

Cyber-security regulation wikipedia , lookup

Information privacy law wikipedia , lookup

Quantum key distribution wikipedia , lookup

Cryptography wikipedia , lookup

Project 25 wikipedia , lookup

Authentication wikipedia , lookup

Security and safety features new to Windows Vista wikipedia , lookup

Unix security wikipedia , lookup

Electronic authentication wikipedia , lookup

Wireless security wikipedia , lookup

Deep packet inspection wikipedia , lookup

Next-Generation Secure Computing Base wikipedia , lookup

Data remanence wikipedia , lookup

Security-focused operating system wikipedia , lookup

Computer security wikipedia , lookup

Computer and network surveillance wikipedia , lookup

Mobile security wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Secure multi-party computation wikipedia , lookup

Cybercrime countermeasures wikipedia , lookup

3-D Secure wikipedia , lookup

Transcript 
SSH: An Internet Protocol
By Anja Kastl
IS 373 - World Wide Web Standards
Content
• Introduction
• The Governing Standards Body
• Specifications of SSH
• Application of SSH
• History
• Advantages and Drawbacks
• Conclusion
Introduction
• SSH stands for Secure Shell
• SSH is a powerful network protocol that allows the secure
exchange of data between computers
• SSH uses strong encryption and authentication to provide
confidentiality and authenticity of the data
• SSH was designed as a replacement for Telnet and other
insecure remote shells
• SSH is now used by millions worldwide for secure system
administration, file transfer, and application connectivity
The Governing Standards Body
• SSH-2 is a “Proposed Internet Standard”
• SSH-2 is publicized by the Internet Engineering
Taskforce (IETF) SECSH working group
• The IETF is an open standards organization that has
no formal membership requirements.
• Everyone participating in the development of the
protocol is an ad hoc volunteer.
Specifications of SSH
Secure Shell, as a protocol is a specification of how to achieve secure
communication over a network:
•
Authentication: When trying to log into an account on a remote computer,
SSH asks for proof of identity. Once the identity is confirmed, it is
possible to log onto the system, otherwise SSH rejects the connection.
•
Encryption: To protect data as it passes through a network, SHH encrypts
the data that is transmitted to be unintelligible except to the intended
recipients.
•
Integrity: SSH guarantees that the data traveling over the network arrives
unchanged. Any captures and modifications of data in transit will be
detected by SSH which ensures that transmissions are unmodified and
unread.
Application of SSH
• Secure System Administration:
- Providing secure terminal access to servers.
- Administrators have adopted SSH as the de-facto
standard for administrating remote servers.
• Secure File Transfer:
- Secure environment for FTP functionality.
- Used for secure file exchange within networks.
• Secure Application Connectivity:
- Port-forwarding to protect application protocol
connections.
- Secure environment for terminal-based host access.
History
•
Developed in 1995 by Tatu Ylönen, a researcher at the Helsinki
University of Technology in Finland.
•
July 1995:
SSH1 was released to the public as free software with access to the
source code. By the end of the year, an estimated 20,000 users in
50 countries used SSH1.
•
December 1995:
Ylönen founded SSH Communications Security, Ltd to further his
product
•
During 1995:
The SSH-1 protocol was documented as an IETF Internet Draft
that described the SSH1 software.
History contd.
•
1996:
SSH-2, a more secure protocol, was introduced. SSH-2 is incompatible
with SSH-1. The IETF formed a working group called SECSH.
•
1998:
The SSH2 software which is based on the SSH-2 protocol was released.
•
Late 2000:
SSH-2 is slowly becoming more deployed: individual contractors can use
the protocol freely > free SSH-2 applications are developed: OpenSSH
gains popularity.
•
2005:
SSH Communications Security released SSH-G3
•
Early 2006:
The IETF standardization process granted SSH “Proposed Standard
Status”
Advantages
• Password Exposure: SSH eliminates the risk of password
exposure because. It doesn’t transmit passwords in
plaintext format, therefore making it impossible to "sniff"
the passwords.
• Data Eavesdropping: SSH uses strong encryption and
authentication when transmitting data. SSH guarantees
that only the recipient can read the transmitted data.
• Man-in-the-Middle Attack: The SSH protocol applies
server authentication and cryptographic integrity checks
to ensure that the data cannot be modified undetected
while sent through a network.
Drawbacks
•
Because no application can address every detail, SSH contains some security issues
that it doesn’t address.
•
Password Cracking: SSH improves password security through encryption, but it’s still
a weak form of authentication, because it can be lost, given away, or guesses.
•
IP and TCP Attacks: SSH operates on top of TCP, therefore some of its weaknesses
come from TCP/IP problems. of the SSH connection.
•
Traffic Analysis: Traffic patterns can be an important source of information for a
hacker. Sudden increase or decrease in traffic can indicate important transactions or
unguarded networks.
•
Covert Channels: SSH doesn't attempt to eliminate covert channels, because their
analysis is usually performed by other security applications on a system.
•
Carelessness: SSH is an effective tool, but it can’t take over every security aspect and
its effectiveness depends on the user.
Conclusion
• Although there are some aspects that the protocol
wasn’t designed to prevent, overall SSH is a very
secure system
Related documents
E-business Website Development Lab
E-business Website Development Lab
Lab 1
Lab 1
REMOTE LOGIN PROTOCOLS
REMOTE LOGIN PROTOCOLS
Strengths and Potential of Swiss SSH Research with regard to
Strengths and Potential of Swiss SSH Research with regard to
Physical and mental wellbeing: A program for the long term rehabilitation of psychiatric patients (PDF File 185.9 KB)
Physical and mental wellbeing: A program for the long term rehabilitation of psychiatric patients (PDF File 185.9 KB)
I`ve found some time to write one more article for forum Exploit.in In
I`ve found some time to write one more article for forum Exploit.in In
SSH
SSH
Full report - European Commission
Full report - European Commission
Connecting to the Network, Part FOUR
Connecting to the Network, Part FOUR
Time Server - WordPress.com
Time Server - WordPress.com
Getting the Most From SSH Brooks Davis <brooks@one-eyed
Getting the Most From SSH Brooks Davis <brooks@one-eyed
Exploitation of IoT devices for Launching Mass-Scale
Exploitation of IoT devices for Launching Mass-Scale
myWorld Social Studies, Building Our Country
myWorld Social Studies, Building Our Country
A Labeled Data Set For Flow-based Intrusion Detection
A Labeled Data Set For Flow-based Intrusion Detection
Investigating Two Different Approaches for Encrypted Traffic
Investigating Two Different Approaches for Encrypted Traffic
The UNIX/Linux Operating System Networking/Internet
The UNIX/Linux Operating System Networking/Internet
Research Infrastructures in Social Sciences and Humanities
Research Infrastructures in Social Sciences and Humanities
Software Driven Networks BoF
Software Driven Networks BoF
Network Security
Network Security
Protocol Overview
Protocol Overview
William Stallings Data and Computer Communications
William Stallings Data and Computer Communications
Organizations That Use TLS/SSL
Organizations That Use TLS/SSL