The Terror That Is Terrapin To Ruin Your New Year
Why Worry, It’s Only 11 Million Servers At Risk
In the distant past of December 2023 we learned about Terrapin, an SSH vulnerability which tore holes in what was one of our last secure communications protocols. Now that everyone has returned to work, Shadowserver has some news to remind you just how awful this vulnerability could be. They scanned publicly available IP addresses to determine how many internet facing SSH servers were vulnerable and came up with nearly 11 million possible victims. That represents just over half of all the servers they ran the test against, giving you an idea of how big this could be if bad actors begin to leverage it.
The good news is that the detection tool is publicly available so you can check your SSH servers to see if you have successfully hardened them. You don’t need to panic if you are still vulnerable as Terrapin cannot be leveraged unless an attacker already has access to your systems. There should be enough time to resolve any outstanding patching jobs you need to complete before someone figures out a way to make things worse. Your first step is to ensure you are protected against prefix truncation attacks, but it may take more patching than that.
Welcome to security in 2024.
It manipulates sequence numbers during the handshake process to compromise the integrity of the SSH channel, particularly when specific encryption modes like ChaCha20-Poly1305 or CBC with Encrypt-then-MAC are used.
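As an added example (not code from the original post or from the Terrapin scanner it mentions), the Python below reads a server's SSH_MSG_KEXINIT and flags the two offers named above, ChaCha20-Poly1305 and a CBC cipher alongside an Encrypt-then-MAC MAC, and reports whether the server advertises OpenSSH's strict key exchange countermeasure (`kex-strict-s-v00@openssh.com`). The algorithm names, the sample offers and the `fetch_server_kexinit` helper are assumptions not taken from the page; run the network helper only against servers you administer.

```python
# Added example (not the original post's code or the Terrapin authors' scanner):
# parse a server's SSH_MSG_KEXINIT and flag the algorithm offers that Terrapin
# affects, plus whether the server advertises the "strict kex" countermeasure.
import socket
import struct

CHACHA = "chacha20-poly1305@openssh.com"      # affected AEAD mode
ETM_SUFFIX = "-etm@openssh.com"                # Encrypt-then-MAC MAC variants
STRICT_KEX_SERVER = "kex-strict-s-v00@openssh.com"  # server-side mitigation flag
FIELDS = ["kex", "hostkey", "enc_c2s", "enc_s2c", "mac_c2s", "mac_s2c",
          "comp_c2s", "comp_s2c", "lang_c2s", "lang_s2c"]

def parse_kexinit(payload: bytes) -> dict:
    """Split the ten name-lists of a KEXINIT payload (RFC 4253 section 7.1)."""
    if not payload or payload[0] != 20:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    off, out = 17, {}                      # skip message id (1) + cookie (16)
    for name in FIELDS:
        (n,) = struct.unpack(">I", payload[off:off + 4])
        raw = payload[off + 4:off + 4 + n].decode("ascii")
        out[name] = raw.split(",") if raw else []
        off += 4 + n
    return out

def assess_terrapin(kex: dict) -> dict:
    """Report affected offers; strict kex only helps when the client supports it too."""
    encs = set(kex["enc_c2s"]) | set(kex["enc_s2c"])
    macs = set(kex["mac_c2s"]) | set(kex["mac_s2c"])
    chacha = CHACHA in encs
    cbc_etm = any(e.endswith("-cbc") for e in encs) and any(m.endswith(ETM_SUFFIX) for m in macs)
    strict = STRICT_KEX_SERVER in kex["kex"]
    return {"chacha20": chacha, "cbc_etm": cbc_etm, "strict_kex": strict,
            "vulnerable": (chacha or cbc_etm) and not strict}

def fetch_server_kexinit(host: str, port: int = 22, timeout: float = 5.0) -> bytes:
    """Exchange version strings with a server you administer; return its KEXINIT payload."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(b"SSH-2.0-terrapin_check\r\n")
        f = s.makefile("rb")
        line = f.readline()
        while line and not line.startswith(b"SSH-"):  # servers may send banner lines first
            line = f.readline()
        packet_len, pad_len = struct.unpack(">IB", f.read(5))  # unencrypted binary packet header
        return f.read(packet_len - 1)[:packet_len - 1 - pad_len]

def build_kexinit(lists: list) -> bytes:
    """Constructed helper for offline testing: assemble a KEXINIT payload from ten name-lists."""
    body = b"\x14" + bytes(16)
    for names in lists:
        s = ",".join(names).encode("ascii")
        body += struct.pack(">I", len(s)) + s
    return body + b"\x00" + bytes(4)   # first_kex_packet_follows = 0, reserved uint32
```

A server that offers neither ChaCha20-Poly1305 nor any CBC cipher with an `-etm` MAC, or that advertises strict kex and only talks to strict-kex clients, comes out as not vulnerable in this check.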
More Tech News From Around The Web
- Samsung reveals three anti-glare Odyssey OLED gaming monitors ahead of CES 2024 @ Engadget
- Windows 11 unable to escape the shadow of Windows 10 @ The Register
- 25 Years Since the First Real ‘Slashdot Effect’ @ Slashdot
- LG’s 2024 OLED TVs Put a Bigger Focus on AI Processing Than Ever Before @ Slashdot
- Amazon marketplace crackdown has sellers searching for legal help @ Ars Technica
- Twitter reverses course on headlines in article links – but just a little and maybe not @ The Register