Friday, May 30, 2008

How to check SSH and SSL Certificates for the debian flaw

I had quite a few questions from people how to check their SSH- and SSL-certificate for the recent debian-flaw. As i had to check a few hundred customer-sites too, i did a little webinterface for checking SSHCerts and SSLCerts for the PRNG-Bug.

See them at work at http://serversniff.net/sshreport.php and http://serversniff.net/sslcert.php

No magic behind - just debians ssh-vulnkey and a php-rippoff from the chksslkey-shellscript written by Michael Holzt. Maybe this will help the average rootserver-admin checking their sites.

Both scripts use standard-sets for verifying the keys, checking only standard-dsa/rsa-keys for ssh and 1024/2048-bit-keys on the ssl-check. Drop me a line to tom@serversniff.net if you really need to check for any different keysizes.

tom

tom

Friday, May 16, 2008

Mapped the net... in parts.

"Mapping the net" did we call our little project to map as many known hosts, ips and domains as possible some two years ago. Some laughed, others smiled. And we mapped. Thousands of hosts daily, running into a steadily growing postgresql-database built out of junk-hardware, running on a single cheap dsl-connection.

I started some bencharking using search-engines to see how many hosts we really know, and i was surprised to see that we already know between 70 and 80 percent of all known hosts of major international hosts indexed on rank 1-1000 in common search-engines. And we've still far more than 10 million hostnames listed to sort in. I didn't expect to get so far when i started this funny project.

tom