Banned Keys
SSH Hunter includes the ability to ban SSH keys. When a key is banned, Sandfly will alert on its presence on any host.
To ban a key, add the tag “Banned” or click on any of the "Ban Key" buttons in the User Interface (UI) to automatically add the tag to the key(s).
When a banned key is found during scans that include the recon_user_list_all sandfly, an alert result will be generated for each banned key.
In the UI of SSH Hunter pages, a key status icon (red key with slash through it) indicates that a banned key is on a host:
Like zone violations, banned key indicators appear as status icons throughout the SSH Hunter UI pages and visualizations so that you can easily see which keys, hosts, and users are using banned keys.
Updated 4 months ago