Re: [Plugins-writers] Correction needed for ssh timing attack

From: Renaud Deraison (deraison@private)
Date: Sun Jan 09 2005 - 03:20:40 PST


On Fri, Jan 07, 2005 at 09:59:57PM +0530, Senthil Kumar wrote:
> 
> 77   ret = ssh_login(socket:soc, login:"bin", password:"n3ssus");
> 78   now = unixtime();
> +79 val_diff=now - then;
> +80 if ( (val_diff - inval_diff) >= 1) security_note(port);
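
Review bot: on line 80 the `>= 1` threshold is no larger than the rounding error of the measurement, because `now` comes from unixtime(), which counts whole seconds, so a login that merely straddles a second boundary already yields a difference of 1 between val_diff and inval_diff. Require a larger delta before calling security_note(port), or repeat the pair of timed logins and report only when the gap shows up consistently. It would also help to add a comment next to the comparison saying where `then` and `inval_diff` are set, since neither assignment is visible in this hunk.
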
> 
> 
> As the ssh_login for a non-existent user will take some time, checking the difference value of time to be zero is not correct.

Done, thanks (however, with a delta check >= 2 instead of 1, as a 1
second delay is definitely too short to not produce any false positives).


				-- Renaud