In this video, John Strand from PaulDotCom
demonstrates the dangers of using password authentication in SSH. He used Kippo
to demonstrate how passwords can be easily captured for SSH sessions. Kippo is a medium interaction SSH honeypot designed to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.
The key takeaway from this video is to use Public Key based Authentication for SSH in order to thwart SSH password brute-forcing attacks completely.
Tags: basics ,
Latest from the SecurityTube Blog:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
Original Source: None