January 3, 2024 at 10:10AM
Nearly 11 million internet-exposed SSH servers are vulnerable to the Terrapin attack, which manipulates sequence numbers during the handshake process to compromise the integrity of SSH channels. This attack affects both clients and servers and was developed by academic researchers from Ruhr University Bochum in Germany. The significance of this report lies in highlighting the widespread impact of Terrapin attacks.
Certainly! Here are the key takeaways from the meeting notes:
1. Approximately 11 million internet-exposed SSH servers are susceptible to the Terrapin attack, which poses a threat to the integrity of SSH connections.
2. The Terrapin attack targets the SSH protocol affecting both clients and servers and was developed by academic researchers at Ruhr University Bochum in Germany.
3. It manipulates sequence numbers during the handshake process and compromises the integrity of the SSH channel, particularly when specific encryption modes like ChaCha20-Poly1305 or CBC with Encrypt-then-MAC are used.
4. Attackers can downgrade public key algorithms for user authentication and disable defenses against keystroke timing attacks in OpenSSH 9.5.
5. The Terrapin attack requires attackers to have an adversary-in-the-middle (AitM) position to intercept and modify the handshake exchange.
6. There are nearly 11 million vulnerable SSH servers on the public web, with most of the vulnerable systems identified in the United States, China, Germany, Russia, Singapore, and Japan.
7. A report by security threat monitoring platform Shadowserver warns about the widespread impact of Terrapin attacks and the large pool of vulnerable systems available to adversaries.
8. The Ruhr University Bochum team provides a vulnerability scanner to check the susceptibility of an SSH client or server to Terrapin.
Please let me know if there’s anything else you need.