The question of whether your SSH is secure or can be intercepted is not simple! EXACT INFORMATION RELATED TO VERSIONS, CONFIGURATION, AND NETWORK TRUSTS IS REQUIRED FOR A FULL SECURITY ANALYSIS OF ANY PROTOCOL.

Legend: {} = practical lab exploit

SSH exploits cover various implementations from Protocol 1.5 to 1.99 (which drop back down when the connection is overflowed or DoS'd) to the complete "somewhat secure" Protocol 2.0. One can even BREAK modern [temporarily secure] SSH with changes to the /etc/ssh/sshd_config file (which exploiters [and admins] often [ahem] "customize") to allow X11 Forwarding, clear text, PAM, rhosts or another "useful" feature without considering greater layers of trust and mistrust in JustDoIt4Profit.com and ItCrisisJunkies4Us.com type shops.

Here's a brief list of the historic SSH exploits:

1) SSH CRC32 Compensation Attack Detector, 2002

2) Various Buffer Exploits
   a) buffer_append_space() [including most recent in 2008]
      {http://www.milw0rm.com/exploits/6804}
   b) Key
      {http://www.securiteam.com/exploits/6D00M2K6AU.html}
   c) SSH Challenge/Authentication Boundary Condition Exploit
   d) SSH_FXP_OPEN exploit
      {http://securityvulns.com/Udocument754.html}
      {Gain a Root Shell: http://www.securityspace.com/smysecure/catdescr.html?cat=Gain+a+shell+remotely}
      Protect via fwknop:
      {http://74.125.45.132/search?q=cache:cVZswnUzh34J:barcampchicago.com/files/fwknop-20080817.pdf+SSH+MD5+replay+script&hl=en&ct=clnk&cd=8&gl=us&client=firefox-a}

3) Debian SSH key issue
   {http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2008-05/msg00416.html}

4) SSH Remote Challenge Exploits UsePrivilegeSeparation && SSH Remote PAM Challenge Exploits
   {scanned using http://www.monkey.org/~provos/scanssh/}

5) SSH Privilege Escalation:
   http://www2.packetstormsecurity.org/cgi-bin/search/search.cgi?searchvalue=OpenSSH+3.0.2p1+exploit&type=archives

6) SSH X11 Forwarding Exploits
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=463011
   {http://www.secuobs.com/secumail/snsecumail/msg09943.shtml}

7) Password Attacking or Dictionary Attacks. Explanation and tests post-encroachment:
   http://gii2.nagaokaut.ac.jp/gii/rsd.php?itemid=734
   a) Worms: http://www.aerospacesoftware.com/ssh-kiddies.html
   b) MD5 attack
      {http://www.brendangregg.com/Chaos08/session_0003.textSSH.replay}
   c) Hydra [BackTrack] SSH dictionary attack
      {http://forum.darkc0de.com/index.php?action=vthread&forum=19&topic=3134}

8) Man in the middle or TCP/IP spoofing and ARP cache poisoning (especially in insufficiently source- and destination-limited firewalled networks and with "evil localhost entries in /etc/hosts").
   {http://www.hackingdefined.com/movies/see-s...m-tunneling.zip
   You might need a TechSmith codec to view: http://www.techsmith.com/download/codecs.asp}
   [sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI]

10) The most recent is the PLAIN TEXT leak for SSH recently announced on CPNI:
    http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt
    and this description:
    http://www.securityfocus.com/archive/1/498558/30/0/threaded
    It's probable that exploits for this are already circulating, as difficult as it seems to break. A creative use will certainly be implemented in conjunction with other tools.

Believe it or not, there are a great many OLD versions of Protocol 1 out there in production server portals for highly visible Internet providers and corporations (some even with passwords as simple as "1234test" or "p@ssword").

There is more than one SSH protocol and more than one version of the sshd program. All of the current 1.x versions of the sshd program implement SSH protocol 1.5, which is generally called the SSH-1 protocol. Program versions 2 and higher with drop-back to protocol 1 enabled show the SSH 1.99 protocol, or, if drop-back is disabled, they show the SSH 2.0 protocol. Both of these are the SSH-2 protocol.

If you telnet to port 22 on a machine that is running the sshd daemon, you get back a string that tells you the protocol currently being implemented and the version of the sshd daemon. For example, a returned string might be:

    SSH-1.5-1.2.27

which tells you that the daemon is implementing protocol version 1.5 and that the daemon is version 1.2.27. It's generally recommended to know the features and limitations of every application in place.

Here's OpenSSH's version-to-exploit description: http://www.openssh.com/security.html

SSH Hacking and Tunneling Exploits: http://www.youtube.com/watch?v=eU4gFO0Z6GA

www.Obnosis.com | http://en.wiktionary.org/wiki/Citations:obnosis | http://www.urbandictionary.com/define.php?term=obnosis
(503)754-4452

Catch the January PLUG HackFest! Kristy Westphal, CSO for the Arizona Department of Economic Security, will provide a one-hour presentation on forensics.

Laugh at this MSN Footer:
_________________________________________________________________
Windows Live Hotmail now works up to 70% faster.
http://windowslive.com/Explore/Hotmail?ocid=TXT_TAGLM_WL_hotmail_acq_faster_112008
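The banner check the post describes (connect to port 22, read the "SSH-protoversion-softwareversion" line, tell SSH-1-only from 1.99 fallback from SSH-2-only) as a small inventory helper. This is an added example, not code from the original post; the sample banners are constructed, and the parse_banner/assess names are my own.

```python
import re
from dataclasses import dataclass

# RFC 4253 identification string: "SSH-protoversion-softwareversion SP comments" CR LF.
BANNER_RE = re.compile(
    r"^SSH-(?P<proto>\d+\.\d+)-(?P<software>\S+)(?: (?P<comments>.*))?$"
)


@dataclass
class SshBanner:
    proto: str
    software: str
    comments: str
    supports_v1: bool
    supports_v2: bool


def parse_banner(line: str) -> SshBanner:
    """Parse one identification line as returned by a server on port 22."""
    line = line.rstrip("\r\n")
    m = BANNER_RE.match(line)
    if not m:
        raise ValueError(f"not an SSH identification string: {line!r}")
    proto = m.group("proto")
    # 1.3/1.5 = SSH-1 only; 1.99 = server offers both; 2.0 = SSH-2 only.
    supports_v1 = proto.startswith("1.")
    supports_v2 = proto in ("1.99", "2.0")
    return SshBanner(proto, m.group("software"), m.group("comments") or "",
                     supports_v1, supports_v2)


def assess(line: str) -> str:
    """One report line per host: flag anything still willing to speak SSH-1."""
    b = parse_banner(line)
    if b.supports_v1 and not b.supports_v2:
        return f"{b.software}: SSH-1 only (protocol {b.proto}) - legacy protocol, upgrade"
    if b.supports_v1 and b.supports_v2:
        return f"{b.software}: SSH-1 fallback enabled (protocol {b.proto}) - set 'Protocol 2' in sshd_config"
    return f"{b.software}: SSH-2 only (protocol {b.proto})"


# Constructed sample banners; the first is the one quoted in the post.
SAMPLE_BANNERS = [
    "SSH-1.5-1.2.27\r\n",
    "SSH-1.99-OpenSSH_3.0.2p1\r\n",
    "SSH-2.0-OpenSSH_5.1p1 Debian-5\r\n",
]

if __name__ == "__main__":
    for banner in SAMPLE_BANNERS:
        print(assess(banner))
```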