Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Linode in the news again, more SSH security issues

Sponsered ads:
Read the latest IT news. Visit ItDirection.net. Updated several times daily.

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

February 10, 2016

Hosting firm Linode broke the security in its customers' virtual machines, allowing attackers to eavesdrop on SSH connections and hijack them. This isn't the first time Linode in in the news for security issues.

Nodes that installed Linode's Ubuntu 15.10 image between November 10, 2015 and February 4, 2016 all utilize the same SSH server key.

Usually, a unique key is generated during the installation of a Linux distribution, but that doesn't appear to have happened for months in this case.

With that SSH key in hand, a man-in-the-middle attacker could set up a malicious server that masquerades as your vulnerable virtual machine, allowing the hacker to quietly intercept passwords, SSH root commands, and other sensitive data sent to and from you and your physical server.

People who used the fake image received today the following email from Linode's Alex Fornuto, who is urging them to regenerate their SSH server keys.

Here's an extract of the message-- ``There is an issue with the Ubuntu 15.10 image we offered from November 10th, 2015, through to February 4th, 2016. Any Linodes deployed using this image within this time frame are using identical SSH server keys. If you're receiving this ticket, you have a disk image currently affected by this security issue.``

For those unfamiliar with these terms, consider this fuller explanation-- Each Linux server running the SSH daemon should have a set of unique keys, used to generate the encryption between client and server.

While this traffic is still secure against an attempt to access data by "wire sniffing," someone could still use those keys to institute a "man in the middle" attack. The network rules on our infrastructure prevent such an attack from a neighboring Linode, but connections made from insecure wifi-networks or clients with compromised DNS could be vulnerable, said Linode.

The steps required to resolve this issue are easy. First, from your Linode terminal, as root or with the sudo prefix, run:

  • rm -f /etc/ssh/ssh_host_*
  • dpkg-reconfigure openssh-server
  • service ssh restart
  • If you have any questions regarding this issue, please feel free to reply to this ticket, said Linode.

    Linode corrected its Ubuntu 15.10 image on February 4. This blooper comes after the New Jersey-based Linux server hosting firm weathered a ten-day distributed denial-of-service attack on its data centers after Christmas, and reset its users' account passwords after a hack attack scare in January.

    Source: Linode.

    Sponsered ads:
    Read the latest IT news. Visit ItDirection.net. Updated several times daily.

    If you need reliability when it comes to SMTP servers, get the best, get Port 587.

    Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

    Share on Twitter.


    Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
    Copyright © Internet Security.ca    Terms of use    Privacy agreement    Legal disclaimer