search for: exfiltrates

Displaying 20 results from an estimated 21 matches for "exfiltrates".

Did you mean: exfiltrated
2015 Feb 04
4
Another Fedora decision
On 02/04/2015 02:08 PM, Lamar Owen wrote: > > 3.) Attacker uses a large graphics card's GPU power, harnessed with > CUDA or similar, to run millions of bruteforce attempts per second on > the exfiltrated /etc/shadow, on their computer (not yours). > 4.) After a few hours, attacker has your password (or at least a > password that hashes to the same value as your password),
2015 Feb 04
1
Another Fedora decision
...r connecting to your system only once. Now, there are the slow bruteforcers running out there, but those are not the droids this change is looking for. By being 'encouraged' to have a difficult to bruteforce password from the very first, you have better security even when the attacker exfiltrates /etc/shadow or other password hash table (I say 'when' and not 'if' here). And the bar for what qualifies as a secure password (from the point of view that the attacker has your hashed password in hand and is bruteforcing on their equipment) is continually rising as compute pow...
2017 Nov 03
3
[RFC 1/2] Add support for openssl engine based keys
On Thu, 26 Oct 2017, James Bottomley wrote: > Engine keys are keys whose file format is understood by a specific > engine rather than by openssl itself. Since these keys are file > based, the pkcs11 interface isn't appropriate for them because they > don't actually represent tokens. What sort of keys do you have in mind here that can't be represented via PKCS#11? -d
2018 Apr 04
2
OpenSSH-Client without reverse tunnel ability
On 2018-04-04T17:27, mlrx <openssh-unix-dev at 18informatique.com> wrote: > Le 04/04/2018 ? 13:32, Jan Bergner a ?crit?: > > Good day! > > > > Is it possible to achieve this without nasty workarounds like wrapper > > scripts monitoring the very-verbose output of SSH or doing DPI? > > Alternatively, would it be possible to add a config option, allowing an
2017 Nov 03
2
[RFC 1/2] Add support for openssl engine based keys
On Thu, 2 Nov 2017, James Bottomley wrote: > On Fri, 2017-11-03 at 13:11 +1100, Damien Miller wrote: > > On Thu, 26 Oct 2017, James Bottomley wrote: > > > > > > > > Engine keys are keys whose file format is understood by a specific > > > engine rather than by openssl itself.??Since these keys are file > > > based, the pkcs11 interface isn't
2015 Feb 05
3
Another Fedora decision
On Wed, February 4, 2015 16:55, Warren Young wrote: >> On Feb 4, 2015, at 12:16 PM, Lamar Owen <lowen at pari.edu> wrote: >> >> Again, the real bruteforce danger is when your /etc/shadow is >> exfiltrated by a security vulnerability > > Unless you have misconfigured your system, anyone who can copy > /etc/shadow already has root privileges. They do not need
2018 Apr 05
2
OpenSSH-Client without reverse tunnel ability
On Apr 4 13:58, Nico Kadel-Garcia wrote: > On Wed, Apr 4, 2018 at 11:43 AM, Alexander Wuerstlein > <snalwuer at cip.informatik.uni-erlangen.de> wrote: > > On 2018-04-04T17:27, mlrx <openssh-unix-dev at 18informatique.com> wrote: > >> Le 04/04/2018 ? 13:32, Jan Bergner a ?crit : > >> > Good day! > >> > > >> > Is it possible to
2015 Feb 04
0
Another Fedora decision
> On Feb 4, 2015, at 12:16 PM, Lamar Owen <lowen at pari.edu> wrote: > > Again, the real bruteforce danger is when your /etc/shadow is exfiltrated by a security vulnerability Unless you have misconfigured your system, anyone who can copy /etc/shadow already has root privileges. They don?t need to crack your passwords now. You?re already boned.
2015 Feb 05
0
Another Fedora decision
On Thu, February 5, 2015 9:06 am, James B. Byrne wrote: > > On Wed, February 4, 2015 16:55, Warren Young wrote: >>> On Feb 4, 2015, at 12:16 PM, Lamar Owen <lowen at pari.edu> wrote: >>> >>> Again, the real bruteforce danger is when your /etc/shadow is >>> exfiltrated by a security vulnerability >> >> Unless you have misconfigured your
2015 Feb 11
0
Another Fedora decision
On 02/11/2015 09:27 AM, James B. Byrne wrote: > PDFs are known vectors for malware. They have been exploited in the > past and no doubt will be exploited in the future. ... > That said, I readily admit that the risk posed by this particular > example is low. But, it is not zero. As an example, I found and downloaded a spec sheet several years back for a ADVA FSP-II upstream
2017 Feb 09
0
Serious attack vector on pkcheck ignored by Red Hat
On Feb 9, 2017, at 2:03 PM, Leonard den Ottolander <leonard at den.ottolander.nl> wrote: > > On Thu, 2017-02-02 at 13:40 -0800, Gordon Messmer wrote: >> Escalation *requires* attacking a program in a security context other >> than your own. > > Not necessarily. Suppose the adversary is aware of a root > exploit/privilege escalation in a random library. There
2011 May 03
0
Announce: Portable OpenSSH 5.8p2 released
Portable OpenSSH 5.8p2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or
2015 Feb 04
6
Another Fedora decision
On Wed, 2015-02-04 at 14:55 -0700, Warren Young wrote: > > On Feb 4, 2015, at 12:16 PM, Lamar Owen <lowen at pari.edu> wrote: > > > > Again, the real bruteforce danger is when your /etc/shadow is exfiltrated by a security vulnerability > > Unless you have misconfigured your system, anyone who can copy /etc/shadow already has root privileges. They don?t need to
2016 Jun 17
1
https and self signed
On Thu, June 16, 2016 14:23, Valeri Galtsev wrote: > > On Thu, June 16, 2016 1:09 pm, Gordon Messmer wrote: >> >> I doubt that most users check the dates on SSL certificates, >> unless they are familiar enough with TLS to understand that >> a shorter validity period is better for security. > > Oh, this is what he meant: Cert validity period. Though I agree >
2017 Aug 07
4
FreeBSD samba server returns nt_status_acces_denied when DosStream xattr larger than 64KB
> > If you feel like it, you could write a VFS module that adds better support > for > this on FreeBSD, but what is the use case? > I've noticed in online forums that occasionally home NAS users will for various reasons have streams_xattr enabled and receive 'access denied' errors when trying to write files with large alternate datastreams. These are typically on media
2020 Jul 03
0
[RFC]: mm,power: introduce MADV_WIPEONSUSPEND
On Fri, Jul 3, 2020 at 12:34 PM Catangiu, Adrian Costin <acatan at amazon.com> wrote: > Cryptographic libraries carry pseudo random number generators to > quickly provide randomness when needed. If such a random pool gets > cloned, secrets may get revealed, as the same random number may get > used multiple times. For fork, this was fixed using the WIPEONFORK > madvise flag
2017 Feb 09
4
Serious attack vector on pkcheck ignored by Red Hat
On Thu, 2017-02-02 at 13:40 -0800, Gordon Messmer wrote: > Escalation *requires* attacking a program in a security context other > than your own. Not necessarily. Suppose the adversary is aware of a root exploit/privilege escalation in a random library. Then the heap spraying allows this attacker to easily trigger this exploit because he is able to initialize the entire contents of the
2018 Apr 04
5
OpenSSH-Client without reverse tunnel ability
Good day! A few weeks ago, we had a security breach in the company I'm working for, because employees used "ssh -R" to expose systems from our internal network to some SSH server in the outer world. Of course, this is a breach of our internal security policy, but lead us to wonder, whether there is a technical solution to prevent our users from creating SSH-reverse-tunnels. After
2020 Jul 03
5
[RFC]: mm,power: introduce MADV_WIPEONSUSPEND
Hi! > Cryptographic libraries carry pseudo random number generators to > quickly provide randomness when needed. If such a random pool gets > cloned, secrets may get revealed, as the same random number may get > used multiple times. For fork, this was fixed using the WIPEONFORK > madvise flag [1]. > Unfortunately, the same problem surfaces when a virtual machine gets >
2020 Jul 03
5
[RFC]: mm,power: introduce MADV_WIPEONSUSPEND
Hi! > Cryptographic libraries carry pseudo random number generators to > quickly provide randomness when needed. If such a random pool gets > cloned, secrets may get revealed, as the same random number may get > used multiple times. For fork, this was fixed using the WIPEONFORK > madvise flag [1]. > Unfortunately, the same problem surfaces when a virtual machine gets >