Displaying 20 results from an estimated 21 matches for "exfiltrated".
2015 Feb 04
4
Another Fedora decision
On 02/04/2015 02:08 PM, Lamar Owen wrote:
>
> 3.) Attacker uses a large graphics card's GPU power, harnessed with
> CUDA or similar, to run millions of bruteforce attempts per second on
> the exfiltrated /etc/shadow, on their computer (not yours).
> 4.) After a few hours, attacker has your password (or at least a
> password that hashes to the same value as your password), after
> connecting to your system only once.
Oh, and the program to do this can be found very easily. It's calle...
2015 Feb 04
1
Another Fedora decision
...nerability (whether it be in
php, glibc, bash, apache httpd, or whatever) is not rare.
2.) Attacker uses said vulnerability to exfiltrate /etc/shadow.
3.) Attacker uses a large graphics card's GPU power, harnessed with CUDA
or similar, to run millions of bruteforce attempts per second on the
exfiltrated /etc/shadow, on their computer (not yours).
4.) After a few hours, attacker has your password (or at least a
password that hashes to the same value as your password), after
connecting to your system only once.
Now, there are the slow bruteforcers running out there, but those are
not the droids...
2017 Nov 03
3
[RFC 1/2] Add support for openssl engine based keys
On Thu, 26 Oct 2017, James Bottomley wrote:
> Engine keys are keys whose file format is understood by a specific
> engine rather than by openssl itself. Since these keys are file
> based, the pkcs11 interface isn't appropriate for them because they
> don't actually represent tokens.
What sort of keys do you have in mind here that can't be represented
via PKCS#11?
-d
2018 Apr 04
2
OpenSSH-Client without reverse tunnel ability
On 2018-04-04T17:27, mlrx <openssh-unix-dev at 18informatique.com> wrote:
> Le 04/04/2018 ? 13:32, Jan Bergner a ?crit?:
> > Good day!
> >
> > Is it possible to achieve this without nasty workarounds like wrapper
> > scripts monitoring the very-verbose output of SSH or doing DPI?
> > Alternatively, would it be possible to add a config option, allowing an
2017 Nov 03
2
[RFC 1/2] Add support for openssl engine based keys
...;t be represented
> > via PKCS#11?
>
> Well, the engine keys are flat files, so the usual use case is to take
> the private key file and replace it with an engine key file in the .ssh
> directory so the private key becomes tied to the hardware platform and
> cannot be usefully exfiltrated.
Let me rephrase my question: what does using OpenSSL engines enable
that we can't already do via PKCS#11?
-d
2015 Feb 05
3
Another Fedora decision
On Wed, February 4, 2015 16:55, Warren Young wrote:
>> On Feb 4, 2015, at 12:16 PM, Lamar Owen <lowen at pari.edu> wrote:
>>
>> Again, the real bruteforce danger is when your /etc/shadow is
>> exfiltrated by a security vulnerability
>
> Unless you have misconfigured your system, anyone who can copy
> /etc/shadow already has root privileges. They do not need to crack
> your passwords now. You are already boned.
>
>
>
My thought exactly.
--
*** E-Mail is NOT a SECURE...
2018 Apr 05
2
OpenSSH-Client without reverse tunnel ability
On Apr 4 13:58, Nico Kadel-Garcia wrote:
> On Wed, Apr 4, 2018 at 11:43 AM, Alexander Wuerstlein
> <snalwuer at cip.informatik.uni-erlangen.de> wrote:
> > On 2018-04-04T17:27, mlrx <openssh-unix-dev at 18informatique.com> wrote:
> >> Le 04/04/2018 ? 13:32, Jan Bergner a ?crit :
> >> > Good day!
> >> >
> >> > Is it possible to
2015 Feb 04
0
Another Fedora decision
> On Feb 4, 2015, at 12:16 PM, Lamar Owen <lowen at pari.edu> wrote:
>
> Again, the real bruteforce danger is when your /etc/shadow is exfiltrated by a security vulnerability
Unless you have misconfigured your system, anyone who can copy /etc/shadow already has root privileges. They don?t need to crack your passwords now. You?re already boned.
2015 Feb 05
0
Another Fedora decision
...u, February 5, 2015 9:06 am, James B. Byrne wrote:
>
> On Wed, February 4, 2015 16:55, Warren Young wrote:
>>> On Feb 4, 2015, at 12:16 PM, Lamar Owen <lowen at pari.edu> wrote:
>>>
>>> Again, the real bruteforce danger is when your /etc/shadow is
>>> exfiltrated by a security vulnerability
>>
>> Unless you have misconfigured your system, anyone who can copy
>> /etc/shadow already has root privileges. They do not need to crack
>> your passwords now. You are already boned.
>>
>>
>>
>
> My thought exactly.
>...
2015 Feb 11
0
Another Fedora decision
On 02/11/2015 09:27 AM, James B. Byrne wrote:
> PDFs are known vectors for malware. They have been exploited in the
> past and no doubt will be exploited in the future. ...
> That said, I readily admit that the risk posed by this particular
> example is low. But, it is not zero.
As an example, I found and downloaded a spec sheet several years back
for a ADVA FSP-II upstream
2017 Feb 09
0
Serious attack vector on pkcheck ignored by Red Hat
On Feb 9, 2017, at 2:03 PM, Leonard den Ottolander <leonard at den.ottolander.nl> wrote:
>
> On Thu, 2017-02-02 at 13:40 -0800, Gordon Messmer wrote:
>> Escalation *requires* attacking a program in a security context other
>> than your own.
>
> Not necessarily. Suppose the adversary is aware of a root
> exploit/privilege escalation in a random library.
There
2011 May 03
0
Announce: Portable OpenSSH 5.8p2 released
Portable OpenSSH 5.8p2 has just been released. It will be available
from the mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or
2015 Feb 04
6
Another Fedora decision
On Wed, 2015-02-04 at 14:55 -0700, Warren Young wrote:
> > On Feb 4, 2015, at 12:16 PM, Lamar Owen <lowen at pari.edu> wrote:
> >
> > Again, the real bruteforce danger is when your /etc/shadow is exfiltrated by a security vulnerability
>
> Unless you have misconfigured your system, anyone who can copy /etc/shadow already has root privileges. They don?t need to crack your passwords now. You?re already boned.
On C5 the default appears to be:-
-rw-r--r-- 1 root root 1220 Jan 31 03:04 shadow
O...
2016 Jun 17
1
https and self signed
On Thu, June 16, 2016 14:23, Valeri Galtsev wrote:
>
> On Thu, June 16, 2016 1:09 pm, Gordon Messmer wrote:
>>
>> I doubt that most users check the dates on SSL certificates,
>> unless they are familiar enough with TLS to understand that
>> a shorter validity period is better for security.
>
> Oh, this is what he meant: Cert validity period. Though I agree
>
2017 Aug 07
4
FreeBSD samba server returns nt_status_acces_denied when DosStream xattr larger than 64KB
>
> If you feel like it, you could write a VFS module that adds better support
> for
> this on FreeBSD, but what is the use case?
>
I've noticed in online forums that occasionally home NAS users will for
various reasons have streams_xattr enabled and receive 'access denied'
errors when trying to write files with large alternate datastreams. These
are typically on media
2020 Jul 03
0
[RFC]: mm,power: introduce MADV_WIPEONSUSPEND
On Fri, Jul 3, 2020 at 12:34 PM Catangiu, Adrian Costin
<acatan at amazon.com> wrote:
> Cryptographic libraries carry pseudo random number generators to
> quickly provide randomness when needed. If such a random pool gets
> cloned, secrets may get revealed, as the same random number may get
> used multiple times. For fork, this was fixed using the WIPEONFORK
> madvise flag
2017 Feb 09
4
Serious attack vector on pkcheck ignored by Red Hat
On Thu, 2017-02-02 at 13:40 -0800, Gordon Messmer wrote:
> Escalation *requires* attacking a program in a security context other
> than your own.
Not necessarily. Suppose the adversary is aware of a root
exploit/privilege escalation in a random library. Then the heap spraying
allows this attacker to easily trigger this exploit because he is able
to initialize the entire contents of the
2018 Apr 04
5
OpenSSH-Client without reverse tunnel ability
Good day!
A few weeks ago, we had a security breach in the company I'm working
for, because employees used "ssh -R" to expose systems from our internal
network to some SSH server in the outer world.
Of course, this is a breach of our internal security policy, but lead us
to wonder, whether there is a technical solution to prevent our users
from creating SSH-reverse-tunnels.
After
2020 Jul 03
5
[RFC]: mm,power: introduce MADV_WIPEONSUSPEND
Hi!
> Cryptographic libraries carry pseudo random number generators to
> quickly provide randomness when needed. If such a random pool gets
> cloned, secrets may get revealed, as the same random number may get
> used multiple times. For fork, this was fixed using the WIPEONFORK
> madvise flag [1].
> Unfortunately, the same problem surfaces when a virtual machine gets
>
2020 Jul 03
5
[RFC]: mm,power: introduce MADV_WIPEONSUSPEND
Hi!
> Cryptographic libraries carry pseudo random number generators to
> quickly provide randomness when needed. If such a random pool gets
> cloned, secrets may get revealed, as the same random number may get
> used multiple times. For fork, this was fixed using the WIPEONFORK
> madvise flag [1].
> Unfortunately, the same problem surfaces when a virtual machine gets
>