this SSH exploit is absolutely wild

Temple OS is once again not affected? Coincidence?

enterusername

The creativity of threat hunters will NEVER cease to amaze me

JoachimFosse

That's why we call it "OpenSSH".

TheReferrer

"Everyone can do it" - Yeah for now nobody was able to do it on a 64 bit system only on 32 bit systems lol.

Tock

LLL: "It's from 20 years ago, 2006."
Me: "It's not THAT long -- Oh shit..."

axelfoley

Can I just say this? Thank you Low Level Learning for dark mode. So many yt chanels flash bang me.

Ny_babs

Bugs like this are part of why I use a pretty aggressive fail2ban. The attacker doesn't get 10, 000 tries... instead they get 3 tries or sometimes even less. The bans eventually expire, but instead of hours to get in, it would take decades. Plenty of time to install a fixed version.

ToyKeeper

I think at this point we can update the saying to "the three hardest problems in computer science are cache invalidation, naming things, asynchronous programs and 'Off By 1' errors"

temporal

This has all my windows people at work scream LINUX VIRUS and im so exhausted of telling them it would take literal hours and using fail2ban is a dead simple mitigation any public server should have anyway. Ugh... That said, this explanation was really good! Reminds me of the late Tetris level shenanigans where VBlank interrupts cause almost the same situation - albeit of a different nature.

IngwiePhoenix

very well explained. i love that the vulnerability is put under real word context and report is not just a scary click bait. if one has a cloud server e.g. amazon, they should limit their client IP address for that ssh port.

test

Great job explaining this vulnerability. But I think you got the LoginGraceTime part wrong. According to sshd_config's man page: "The server disconnects after this time if the user has not successfully logged in. If the value is 0, there is no time limit." - Which could result in a DoS if the maximum unauthorized connections are exhausted.

Slainte_Mhath

10:51 It does not close it immediately but rather does not close it at all. That's why as researchers mention it make you vulnerable to dos attacks as attacker does not have time limit for spawning too many waiting logins

BxOxSxS

oh that is why an openssh update was avaliable.

IrtyGo

Please add sections to your video! 🙂

Especially for experts, it is nice to skip stuff like explanations what SSH is.

ForcefighterX

I don't personally like your implied criticism of open source software twards the end of these kinds of videos. While I understand being cautious, it makes it kinda feel like its somehow a bad solution to an other wise worse alternative. Personally I think instilling fear in something that has been the better choice in security since the dawn of the internet is not a good idea. I do agree that its not perfect, but until theres an objectively better option, I would prefer that you didn't make it sound as if the world is going to collapse because we rely on the better of our options in software security.

KCKingcollin

Just wanna say I love your vids man, high prod quality and clear description of the issue.

buhfur

Oh boy, the rewrite in rust gang is coming!

JoJoDramo-ihqk

I wanted to touch on something you noted late in the video, regarding recommending not exposing SSH on the internet, which invites the question of what do you suggest instead? You can do a lot to try and isolate management networks/etc, but ultimately you need a legitimate way in. Your argument that 'code can have bugs' applies to pretty much anything, we've seen various firewall vendor and VPN bugs in the past, so they're not different. How would you handle remote access?

NigelVH

@0:27 "...not that scary"
Title: ABSOLUTELY WILD !!!!
😂😂

jawwad

Your explaination for laypersons is very very good. I'm not a programmer or security expert by any means, but found it was easy to comprehend thanks to your summary

mylairhasnoip