BLU Discuss list archive
[Discuss] ssh keys question
- Subject: [Discuss] ssh keys question
- From: dsr at randomstring.org (Dan Ritter)
- Date: Sat, 18 Jun 2016 05:52:34 -0400
- In-reply-to: <CAAbKA3VRhF-JJct7A8Xo+hu1jD=R3=us0fVNWAO3O5XS1R6K2w@mail.gmail.com>
- References: <mailman.11.1466179204.26887.discuss@blu.org> <ee255849986a8455a436c0cff185444c.squirrel@webmail.ci.net> <5764883F.3030807@borg.org> <c35b33c6-af08-d708-25d3-d108e28d3571@riseup.net> <5764CEE8.1050801@borg.org> <CAAbKA3VRhF-JJct7A8Xo+hu1jD=R3=us0fVNWAO3O5XS1R6K2w@mail.gmail.com>
On Sat, Jun 18, 2016 at 01:01:32AM -0400, Bill Ricker wrote:
> But that still leaves me with executing the 2^32 dictionary attack.
>
> Which is likely only interesting if I've stolen all your users' hashes
> already and you have poor salts and hashes so I can rainbow table to find
> multiple users at once. Doing 2^32 trials coming in the front door of a
> server is likely to get noticed as a DOS, aside from taking literally
> forever.

This works pretty well *if*:

- you really do rate-limit incoming connections. If you didn't do that
  right, the rate-limit becomes your total bandwidth during the period of
  time that you don't notice the attack. Do you have suitable monitors set
  up? Can they alert you? Do you pay attention to such alerts?

- you rate-limit other authenticated services, too. Got a mail server
  running? Your POP3 or IMAP4 needs to be rate-limited or do authentication
  completely separately from the system method.

- you don't run any non-authenticated services that might have a flaw that
  allows an attacker to read /etc/shadow. (Everyone uses shadow passwords
  these days, right? No legacy systems without it?) Most web servers are
  good about this, but then they let all sorts of things run via CGI,
  php-fpm, mod-perl, whatever. All of those are attackable areas.

- all your users are as good and conscientious as you are. This is easiest
  if they don't exist. AllowUsers, one by one, is a good move, too.

-dsr-
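The monitor Dan asks about ("Do you have suitable monitors set up? Can they alert you?") can be as small as a threshold over sshd's failed-login lines. The script below is an added example, not code from the thread or from any of its participants: it parses constructed syslog-style sshd lines (the host name, PIDs and RFC 5737 documentation addresses are made up, and the year is an assumed constant because syslog timestamps carry none), counts failed password attempts per source address inside a sliding time window, and reports any source whose peak count reaches a threshold. The window and threshold are the knobs you tune to the rate limit actually in force; an attacker who stays under the configured rate is, by design, not flagged here, which is the point of the post's warning about unnoticed periods.

```python
"""Threshold-based SSH brute-force detector over sshd syslog lines.

Added example (not from the mailing-list thread).  Log lines are a
constructed sample; IPs are RFC 5737 documentation addresses.
"""
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample: 203.0.113.7 simulates a password-guessing client,
# 192.0.2.44 a user who mistyped twice, 198.51.100.20 a key-based login.
SAMPLE_LOG = """\
Jun 18 05:40:01 bastion sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 40122 ssh2
Jun 18 05:40:02 bastion sshd[2103]: Failed password for root from 203.0.113.7 port 40124 ssh2
Jun 18 05:40:02 bastion sshd[2105]: Failed password for invalid user test from 203.0.113.7 port 40126 ssh2
Jun 18 05:40:03 bastion sshd[2107]: Failed password for invalid user oracle from 203.0.113.7 port 40128 ssh2
Jun 18 05:40:04 bastion sshd[2109]: Failed password for invalid user pi from 203.0.113.7 port 40130 ssh2
Jun 18 05:40:05 bastion sshd[2111]: Failed password for root from 203.0.113.7 port 40132 ssh2
Jun 18 05:40:20 bastion sshd[2150]: Failed password for dsr from 192.0.2.44 port 39001 ssh2
Jun 18 05:41:10 bastion sshd[2200]: Accepted publickey for dsr from 198.51.100.20 port 51234 ssh2: ED25519 SHA256:AAAA
Jun 18 05:42:00 bastion sshd[2210]: Failed password for dsr from 192.0.2.44 port 39002 ssh2
"""

# Matches both "Failed password for [invalid user] X from IP port N" and
# "Accepted <method> for X from IP port N" as OpenSSH logs them.
LINE_RE = re.compile(
    r"^(?P<mon>\w{3})\s+(?P<day>\d+)\s+(?P<time>\d\d:\d\d:\d\d)\s+\S+\s+"
    r"sshd\[\d+\]:\s+(?P<result>Failed password|Accepted \w+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

# Syslog timestamps carry no year; this is an assumed constant.
ASSUMED_YEAR = 2016


def parse_line(line):
    """Return (timestamp, result, user, ip), or None for non-auth lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(
        f"{ASSUMED_YEAR} {m['mon']} {m['day']} {m['time']}", "%Y %b %d %H:%M:%S"
    )
    return ts, m["result"], m["user"], m["ip"]


def brute_force_sources(log_text, window_seconds=60, threshold=5):
    """Map source IP -> peak number of failed logins inside any window.

    Only sources whose peak reaches `threshold` are returned.  A sliding
    window over each IP's sorted failure times gives the peak, so a slow
    guesser spread out over hours stays below the bar: the window and
    threshold must be chosen against the rate limit actually in force.
    """
    failures = defaultdict(list)
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed and parsed[1] == "Failed password":
            failures[parsed[3]].append(parsed[0])

    flagged = {}
    for ip, times in failures.items():
        times.sort()
        window = deque()
        peak = 0
        for t in times:
            window.append(t)
            # Drop failures that fell out of the window ending at t.
            while (t - window[0]).total_seconds() > window_seconds:
                window.popleft()
            peak = max(peak, len(window))
        if peak >= threshold:
            flagged[ip] = peak
    return flagged


if __name__ == "__main__":
    for ip, n in sorted(brute_force_sources(SAMPLE_LOG).items()):
        print(f"ALERT {ip}: {n} failed logins within 60s")
```

On the sample, only 203.0.113.7 is reported (six failures in four seconds); the two mistyped logins from 192.0.2.44 are 100 seconds apart and never exceed one per window. Feeding real /var/log/auth.log through the same function is the usual next step, with the alert wired to something a person actually reads.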
- References:
- [Discuss] ssh keys question
- From: richb at pioneer.ci.net (Rich Braun)
- [Discuss] ssh keys question
- From: kentborg at borg.org (Kent Borg)
- [Discuss] ssh keys question
- From: ingegnue at riseup.net (IngeGNUe)
- [Discuss] ssh keys question
- From: kentborg at borg.org (Kent Borg)
- [Discuss] ssh keys question
- From: bill.n1vux at gmail.com (Bill Ricker)
- [Discuss] ssh keys question