I had quite a few questions from people how to check their SSH- and SSL-certificate for the recent debian-flaw. As i had to check a few hundred customer-sites too, i did a little webinterface for checking SSHCerts and SSLCerts for the PRNG-Bug.
See them at work at http://serversniff.net/sshreport.php and http://serversniff.net/sslcert.php
No magic behind - just debians ssh-vulnkey and a php-rippoff from the chksslkey-shellscript written by Michael Holzt. Maybe this will help the average rootserver-admin checking their sites.
Both scripts use standard-sets for verifying the keys, checking only standard-dsa/rsa-keys for ssh and 1024/2048-bit-keys on the ssl-check. Drop me a line to tom@serversniff.net if you really need to check for any different keysizes.
tom
tom
Friday, May 30, 2008
Subscribe to:
Post Comments (Atom)
7 comments:
please, I need urgent help.
does any body knows what is the polynomial used to compute crc 16 in this tool ?
Please, if you need urgent help, why don't you just write to the contact adress written on this website?
It's monitored by a human being. Me. The creator of this site.
I won't hurt anybody asking questions. Most of Serversniff's CRCs are generated by jonelo's tool "jacksum" - and the CRC 16 is
x^16 + x^15 + x^2 + 1
This is the most common stuff used e.g. in LHA and ARC.
There is a another common CRC16 used in X.25, defined in RFC1331. If you want Serversniff to compute this CRC16 as well, you might drop me a line.
If your are really geeky about CRC you might want to ask your favourite search-engine: there are quite a few other sites out there in netland that offer CRC-Checksums out of totally configurable polynoms.
cheers,
tom@serversniff.net
I just want to say thanks a lot for the help and information that this website gives to people like me. It's much appreciated and it's great to think that if I have any other problems that I could contact you for further help, that's really great. Good luck with everything you do.
Thank you for this nice post ... and smiling (for no obvious subject)!
VoilĂ une description qui donne envie... Je le note dans un coin ! :)
voyance gratuite par mail rapide
Un petit pour vous dire que votre blog est super!
voyante
Un petit pour vous dire que votre blog est super!
voyance gratuite en ligne
Post a Comment