Shulou(Shulou.com)05/31 Report--

This article mainly shows you "what is the use of SSH-Auditor", the content is easy to understand, clear, hope to help you solve your doubts, the following let the editor lead you to study and learn "what is the use of SSH-Auditor" this article?

A tool called SSH-Auditor can help researchers scan for weak SSH passwords on their own networks. What are you waiting for? check your network environment quickly!

Function introduction

SSH-Auditor can automate the following functions:

1. After a host in the network adds a new certificate, it automatically redetects all hosts, but it only detects the newly added certificate.

2. After a new host is found, create a complete certificate scanning queue.

3. After the SSH version or key fingerprint of the host is changed, create a complete certificate scanning queue.

4. Try to implement the command execution and try to establish a TCP connection.

5. Use the certificate scan interval (default is 14 days) to redetect all certificates of hosts in the network.

You can use the following command to automatically perform a regular audit scan every hour:

Using the ssh-auditor discover + ssh-auditor scan tool

Installation:

$brew install go # or however you want to install the go compiler$ goget github.com/ncsa/ssh-auditor

Build the code using git clones:

$gobuild

Build static code (including SQLite):

$make static

Make sure that enough file descriptors are used:

$ulimit-n 4096

Create the initial database and scan the SSH server:

$. / ssh-auditor discover-p 22-p 2222 192.168.1.0 Universe 24 10.0.0.1 Universe 24

Add certificate pairs that need to be detected:

$. / ssh-auditor addcredential root root$./ssh-auditor addcredential admin admin$./ssh-auditor addcredential guest guest-scan-interval 1 # check this once perday

Check the certificate validity on the discovered host:

$. / ssh-auditor scan

Output Certificate scan report:

$. / ssh-auditor vuln

Rescan certificate validity:

$. / ssh-auditor rescan

Output the usage of a copy of the key:

$. / ssh-auditor dupes report query select hc.hostport, hc.user, hc.password,hc.result, hc.last_tested, h.version from host_creds hc, hosts h where h.hostport = hc.hostport and results all the contents of the article "what's the use of SSH-Auditor" above, thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.