Large scale SSH server survey, and top network security tool survey

Large scale SSH server survey, and top network security tool survey

Posted Jun 22, 2006 6:00 UTC (Thu) by fyodor (guest, #3481)
Parent article: The Grumpy Editor's guide to SSH servers

All available evidence indicates that almost every publicly reachable SSH server is running OpenSSH

Funny you should mention this, as Nmap developer Doug Hoyte just last week posted the results of an large scale Internet survey of SSH daemons. He did find that the vast majority of servers run OpenSSH, though he found that a bit more than 1% of the servers (98 of them out of about 8,000) ran Dropbear. LSH was truly obscure -- he found only 2 instances.

Speaking of security tools (and pardon me for plugging my own site), I released a new site this morning at SecTools.Org. This covers the top 100 network security tools, as voted on by more than 3,000 Nmap users. SSH made the list, with users specifying a certain implementation generally suggesting either OpenSSH or PuTTy. I think the latter is mostly used by Windows and embedded device users. I do these security tool surveys every 3 years, and find them quite valuable for learning about the new and interesting tools out there. Sometimes we get stuck in a rut of using just the tools we know well, without exploring other options.

-Fyodor
Insecure.Org

---

to post comments