|
|
|
|
|
|
by bcaa7f3a8bbc
2817 days ago
|
|
|
Let's suggest an alternative scenario - the hosts and ports are encrypted. Now what can the attackers do? Well, they still have hashes of public keys. The attacker can scan the entire IPv4 Internet with Z-MAP, and record all SSH public keys. With some hashing, the host can be identified. With online services like Censys (https://censys.io/), the attackers don't even have to scan and compute, but can directly obtain the information from a public database... Also, to make it clear, while I'm saying that the attack is too impractical to make sense, I have full respect to your research project, thanks for analyzing this security issue for the community. |
|
|