SSH
SSH
In computing, Secure Shell or SSH is both a computer program and an associated network protocol designed for logging into and executing commands on a networked computer. The designers of SSH aimed to replace the earlier rlogin, TELNET and rsh protocols, and the resultant protocol provides secure encrypted communications between two untrusted hosts over an insecure network. Users of SSH can also use it for tunneling, forwarding arbitrary TCP ports and X11 connections over the resultant secure channel; and can transfer files using the associated SFTP or SCP protocols. An ssh server, by default, listens on the standard TCP port 22.
Definitions provided by Wikipedia - The Free Encyclopedia
SSH Related Products
SnapGear can be deployed as just a firewall, as a VPN gateway, a UTM security appliance, or as a complete office network-in-a-box Internet appliance for small businesses, with all of the wide area networking tools needed to serve large enterprise remote offices.
More information
AppGate Mobility Server is an easy, secure and cost-efficient way of making information accessible via mobile devices, without the need of rebuilding infrastructure.
More information
WebBlazer is a critical component of an effective defense-in-depth strategy, the solution combines the industry's most comprehensive security and compliance URL filtering offerings, one of the most trusted, scalable, and high performing web proxy and cache technologies, and robust outbound web traffic security on high performance dedicated network security hardware.
More information
The Juniper Networks Secure Access 700 (SA 700) SSL VPN appliance provides small to medium enterprises a secure, cost-effective way to deploy remote access to the corporate network. Because the SA 700 uses Secure Sockets Layer (SSL) to provide encrypted transport, it enables instant remote access from just a Web browser. This clientless architecture eliminates the high cost of installing, configuring, and maintaining client software on every device, significantly reducing the total cost of ownership versus traditional VPN solutions. SSL delivery also eliminates the Network Address Translation (NAT) and firewall traversal issues encountered with traditional remote access products, allowing your remote users reliable and ubiquitous access from external networks such as home or hotels.
More information
The Blue Coat ProxySG 210 provides an affordable appliance solution for remote offices where direct Internet access requires accelerated performance of business applications and granular control of web communications. At the edge of an organization’s application delivery infrastructure, the ProxySG 210 provides controlled acceleration of business applications across the globally-distributed enterprise.
More information
SSH Related Industry News
BT says: Protect your network from professional hackers It's not just the warchalkers you need to worry about... BT Openworld has this week thrown its weight behind the fight against 'Warchalking' - the practice of scrawling chalk marks on the outside of buildings with Wi-Fi networks to encourage passers by to surf on companies' unprotected bandwidth.
However, the UK ISP has warned that it's not just bandwidth pirates you need to worry about. Warchalkers have also drawn attention to the very......
[more] Mobility at the cost of security? The ability to log on to the Internet in a cafe or on a train has obvious benefits for workers on the road - but just how secure is it? The mass media has had a lot of fun with wireless security: war driving, virus insertion and bandwidth stealing have all had their day in the sun. Public hot spots are more vulnerable to attack than private networks, where individual users can have their hardware authenticated as permanent network members. This means when you lo......
[more] How Secure Is OS X? To many Mac users, the recent news report of an Apple OS X security vulnerability seemed like an anomaly. While Windows users are greeted almost weekly with a new virus or worm, OS X users tend to view their systems as impervious to such concerns.
The steady stream of Windows bugs is a phenomenon far removed from their computing experience -- or so it seems. But the late February security report cast Apple in a new light.
Chris Adams, a systems administrator in San Di......
[more] Execs Must Back Security Compliance Executives need to be proactive to bring their organizations into compliance. What do eating Big Macs, smoking tobacco products and driving while drunk have in common? They can kill you. But that doesn't stop millions of people from engaging in these activities anyway.
Despite warnings, people simply don't listen.
When it comes to information security, corporate executives are the same. Many CEOs, for example, are not the least bit risk-averse. They d......
[more] The Wi-Fi explosion: a virus writer's dream With the consumer Wi-Fi explosion, launching a virus into the wild has never been easier and more anonymous than it is today. Like a sneeze in a crowded subway, it's hard to find the human source of the latest viral infection. On the Internet it's not much different. The people who write these nasty little programs and release them into the wild almost never get caught. Why? The answer is easy, but it's also a sort of technical nemesis: there's simply......
[more] Apple Issues Mega Security Update Computer maker Apple has released a security update to fix more than a dozen flaws in the Jaguar and Panther versions of its flagship Mac operating system.
According to an advisory from Apple, the most serious flaw could permit remote attackers to execute arbitrary code and potentially take over a user's system.
The mega patch fixes holes in several components of the Max OS X, including CoreFoundation, IPSec and the Kerberos 5 authentication system, which was......
[more] Linux fights off hackers Open source no easy pickings Linux systems are getting tougher for hackers to crack, security experts have reported today.
A study by not-for-profit IT security testing organisation Honeynet Project has shown that, on average, Linux systems today take three months to fall prey to hackers, up from 72 hours in equivalent tests conducted between 2001 and 2002.
The 2004 results came after a team of researchers set up 19 Linux and four Solaris 'honeypots' in eight countries......
[more] CyberGuard Provides Ten Tips for Corporations to Protect Customer Information from Identity Theft In the wake of the increasing cases of identity theft, Paul Henry, a leading security industry expert and Senior Vice President with CyberGuard Corporation, has developed ten recommended tips for corporate IT managers and Security Officers to protect customer information from identity theft. Mr. Henry has served as an expert commentator for a variety of media outlets, including NBC Nightly News, CN......
[more] Adware maker seeks to thwart rogue installs In a continuing effort to clean up its image, advertising software maker 180solutions has updated its products to thwart rogue distribution. 180solutions has long been in the crosshairs of anti-spyware groups. The Bellevue, Wash., company makes the 180search Assistant and Zango Search Assistant applications that deliver pop-up ads to users as they perform Web searches. While the company distributes Zango on its own, 180solutions relies on about 8,000......
[more] Novell server under attack A company server at Novell, apparently used by employees for gaming purposes, has been hacked to scan for vulnerable ports on potentially millions of computers worldwide.
Chris Brandon, president of Brandon Internet Security, reported the problem to Novell. He said he had been first alerted to the hack when a client reported scanning activity several days ago.
The scans, which have been going on since 21 September use Port 22 - the default port for Secure Shell (SSH......
[more] Political hackers deface Novell SUSE sites Three Novell OpenSUSE community web site were defaced on Sunday by politically motivated hackers. Defacement archive Zone-H reports that a group called IHS Iran Hackers Sabotage broke into OpenSUSE.org, wiki.novell.com and forge.novell.com to post a message stating that it was Iran's right to develop nuclear power. All three sites were defaced in the same way (archive here).
OpenSUSE.org and forge.novell.com have since been restored to normal operatio......
[more] Dutch hacker finds serious hole in IE 6 Vulnerability could allow PC to be taken over when user visits malicious Web site A Dutch Web developer has discovered a vulnerability in Microsoft's Internet Explorer (IE) 6 Web browser that could allow a PC to be taken over after a user is lured to a malicious Web site. Microsoft has reproduced the vulnerability and is analyzing the problem, said Jeffrey Van der Stad, who describes the flaw briefly on his Web site at http://jeffrey.vanderstad.net/grassho......
[more] AppGate Launches MindTerm version 3.1, with many new features and faster operation AppGate today announced the launch of an upgrade to its highly popular Java-based SSH, secure remote access client, MindTerm. MindTerm is the most commercially used Java-based SSH client in the world. MindTerm is used by some of the world's leading manufacturers of communication equipment, integrating it into their products to provide secure encrypted communication. It is also available in a freeware version for......
[more] Browser vulnerabilities and attacks will continue to mount Even as software makers add more sophisticated security features to their browsers and rush to patch documented flaws more quickly, experts maintain that holes in the programs will continue to allow for widespread malware attacks Window Snyder, chief security officer at open source browser maker Mozilla, is caught in the crosshairs of the raging browser vulnerability battle. On one hand, her company launched an upgrade to its Firefox br......
[more] New attack technique puts Oracle in crosshairs A new attack technique increases the risk of commonly found bugs in Oracle's database software, a security researcher has warned. It was previously thought that an attacker needed high-level privileges on the database to exploit so-called PL SQL injection vulnerabilities. With a new attack technique, that's no longer true, David Litchfield, a database security expert with NGS Software, said on Thursday at the Black Hat DC event in Arlington, Virgini......
[more] Apple issues OS X mega-patch The mega-patch is the seventh Apple security patch release in three months. It deals with vulnerabilities in the Mac maker's own software, as well as third-party components such as Adobe Systems' Flash Player, MySQL and OpenSSH. Sixteen of the vulnerabilities addressed by the update were previously released as part of two high-profile bug-hunting campaigns. The vulnerabilities pose varying risks to Macs. Several of the flaws could be exploited to gain full control o......
[more] Fake Gates Foundation malware spreads A malicious spam is in circulation which pretends to be from the Bill and Melinda Gates Foundation. It has the subject line 'Life for Life' and leads with the recent news that the Northern Territory Library has received the 2007 Access to Learning Award from the Bill and Melinda Gates Foundation. This information is true but the link inviting you to read more about the award takes you off to an infected Web site in Korea, according to Paul Ducklin, Asia-Pac......
[more] Hackers steal server log-ins from hosting firm Hosting vendor Layered Technologies admitted this week that hackers broke into its support database and made off with as many as 6,000 client records, including log-in information that could give criminals access to clients' servers. The US firm, which operates a pair of datacentres that hold the physical servers it manages for clients, said the break-in happened on Monday night. "The Layered Technologies support database was a target of malic......
[more] 'First' iPhone Trojan rolls into town Hackers have created Trojan horse malware targeted at Apple's much-hyped iPhone device. The package - more of a prank than a threat - poses as an "important system" upgrade supposedly needed prior to upgrading to version 1.1.3 of Apple's firmware. The "iPhone firmware 1.1.3 prep" seems to lack malicious purpose. Problems kick in when users try to uninstall the package.The bogus firmware reportedly affects components of other applications......
[more] Cisco plugs VoIP malware loophole Cisco rushed out a brace of security on Thursday to defend against potentially dangerous exploits via its VoIP kit, including the possibility of malicious code being injected into vulnerable networks. The twin advisories from the network giant cover a range of vulnerabilities in Cisco IP Phones and its Unified Communications Manager (UCM) call management software.A range of Cisco 7900 Series IP Phones are subject to multiple flaws, some of which may lend themse......
[more] Apple issues mega-monster security update Apple Inc. Tuesday issued a record-breaking security update that patched nearly 90 vulnerabilities in both its own code and the third-party applications it bundles with its Tiger and Leopard operating systems. Security Update 2008-002 plugged 87 holes in the client and server editions of Mac OS X 10.4 and Mac OS 10.5, This single update's total patch count nearly equaled half of all the fixes Apple released in 2007, and easily dwarfed the biggest update......
[more] 5 ways insiders exploit your network Cox Communications employee William Bryant recently pleaded guilty to information technology sabotage, having caused the loss of computer, telecommunications and emergency 911 services for thousands of Cox's business and residential customers throughout Dallas, Las Vegas, New Orleans and Baton Rouge. Bryant faces a 10-year jail sentence and a $250,000 fine, but the future is less certain for Cox. Although services were fully restored, the incident's effect on......
[more] Brute-force SSH attacks surge An incident handler from SANS' Internet Storm Center has warned businesses to ensure their servers are secure as SSH attacks rose five-fold early this week. The SANS Internet Storm Center has warned businesses of rising numbers of brute-force SSH attacks. An SSH attack is a type of dictionary attack which aims to guess secure shell client usernames and passwords.Writing in the ISC's website diary, incident handler Scott Fendley warned security professionals to be a......
[more] Researcher: Debian cryptography may be flawed A security researcher has warned that cryptographic keys generated in the last year and a half using Debian OpenSSL may be invalid. HD Moore, director of research for network-security company BreakingPoint Systems, posted details of the compromise on Metasploit.com on Wednesday.According to Moore, a bug in a Debian OpenSSL package was created in 2006 by the removal of a piece of code, which was taken out to stop the Valgrind and Purify security tool......
[more] After Debian's epic SSL blunder, a world of hurt for security pros It's been more than a week since Debian patched a massive security hole in the library the operating system uses to create cryptographic keys for securing email, websites and administrative servers. Now the hard work begins, as legions of admins are saddled with the odious task of regenerating keys too numerous for anyone to estimate. The flaw in Debian's random number generator means that OpenSSL keys generated over the past 20......
[more] Corporations riddled with security holes Poor corporate IT security is leaving businesses vulnerable - with almost 90 per cent of breaches found to have been preventable. A trio of studies have painted a damning picture of business security, with online vulnerabilities rising as companies and authorities fail to apply patches, update antivirus software and leave firewalls disabled. Vulnerabilities on UK company and public sector networks grew from 19 last year to 21 this year according......
[more] Hacked iPhone 3G causes security concerns Reports have emerged today that a Brazilian company has unlocked Apple’s much-hyped iPhone 3G ending the requirement to connect the device to exclusive carriers. And, the iPhone Dev Team has claimed it is close to a full software jailbreak, a technique that bypasses digital rights management (DRM) on the device. Less than a week after the iPhone’s release, the news may excite users in Brazil, China and Malaysia who were left off Apple’s supp......
[more]
