compromised ssh

ZDNet Resources

• sort by:
• Relevance
• Date
• Popularity

Linux under attack: Compromised SSH keys lead to rootkit

Linux under attack: Compromised SSH keys lead to rootkitLinux under attack: Compromised SSH keys lead to rootkitLOL! And the hits to linux just keep coming! So thats 4 different incidents within a week's time of how badly linux sucks. Poor linus must be hiding under his bed trying...

Tags: Operating systems, UNIX, Rootkits, OPEN SOURCE, Linux, SSH, attack, Compromised SSH, Compromised, Microsoft Windows, rootkit, security

Discussion threads 2008-08-26

Additional Resources

iHacked: jailbroken iPhones compromised, $5 ransom demanded

... WHAT?Who in their right mind keep a server running with default usernames/passwords on the default port....I doubt that jailbroken iPhones are alone in this. It's possible, specially if iPhones have a ssh server running, that this could happen on non-jailbroken iPhones also.Just one question...Has this person been remanded yet?...

Tags: Smart phones, extortion, Apple iPhone

Discussion threads 2009-11-03

iHacked: jailbroken iPhones compromised, $5 ransom demanded

Yesterday, a "Your iPhone's been hacked because it's really insecure! Please visit doiop.com/iHacked and secure your phone right now!" message popped up on the screens of a large number of automatically exploited Dutch iPhone users, demanding $4.95 for instructions on how to secure their iPhones and remove the message from...

Tags: Apple iPhone, SSH, Smart Phones, Consumer Electronics, Personal Technology, Dancho Danchev

Blog posts 2009-11-03

Apache.org hit by SSH key compromise

The open-source Apache Software Foundation pulled its Apache.org Web site offline for about three hours today because of server hack caused by a compromised SSH key. by Ryan Naraine

Tags: SSH, Open Source, Ryan Naraine

Blog posts 2009-08-28

News to know: Psystar vs. Apple; WGA; Linux under attack; FAA failure

Here are today’s notable headlines. You can get News To Know via email alert and RSS daily: News.com: Psystar responds to Apple suit, will countersue Sam Diaz: Does Psystar have a legit argument in Apple countersuit? Psystar countersues Apple, alleges anticompetitive business practices...

Tags: FAA, Google Inc., Microsoft Windows Genuine Advantage, Apple Inc., Microsoft Corp., Adrian Kingsley-Hughes, Attack, Psystar, Linux, Bluetooth, Microsoft Windows, Microsoft Windows XP, Operating Systems, Open Source, UNIX, Software, Wireless, Larry Dignan

Blog posts 2008-08-27

Linux under attack: Compromised SSH keys lead to rootkit

The U.S. Computer Emergency Readiness Team CERT has issued a warning for what it calls "active attacks" against Linux-based computing infrastructures using compromised SSH keys. The attack appears to initially use stolen SSH keys to gain access to a system, and then uses local kernel exploits to...

Tags: Linux, SSH, Attack, U.S. Computer Emergency Readiness Team, Rootkits, Security, Spyware, Adware & Malware, Ryan Naraine

Blog posts 2008-08-26

Red Hat (belatedly) confirms security breach

More than a week after a cryptic note hinted at a security breach at Fedora, the open-source group has finally fessed up to two separate server intrusions that compromised the security of Red Hat's OpenSSH packages. The confirmation follows eight days of media speculation and conjecture over...

Tags: Red Hat Enterprise Linux, Security, Red Hat Inc., Fedora Project, Open Source, Servers, Hardware, Ryan Naraine

Blog posts 2008-08-22

Router Backdoors: Hacked by Chinese Part 2?

Router Backdoors: Hacked by Chinese Part 2?Typo AlertCite, not Site.Typo Alert: "They site no cases of any backdoors in any current routers sold from China."Correction: "They cite no cases of any backdoors in any current routers sold from China."Sorry to be nitpicking about typos, but this is probably because bloggers...

Tags: Routers & switches, Network technology, NETWORKING, router, Chinese Part 2, Router Backdoors

Discussion threads 2008-03-06

How to protect your online privacy

If you want to avoid being compromised when using typical Wi-Fi hotspots that have no security, you can use the following table as a reference of protocols you should and shouldn't use.  The insecure protocols should be banned and never used again; the protocols on the right are the secure...

Tags: Google Inc., Online Privacy, TCP, SSL, George Ou

Blog posts 2007-08-06

Wireless LAN security myths that won't die

Wireless LAN security myths that won't dieDoes OS X probe for hidden SSIDsThe story mentioned that WinXP did this. What about Mac OS X?So at homeI run a 802.11g router in "silent" mode with WPA-PSK. You would argue that I should re-enable the SSID broadcast? Why? ...

Tags: Wireless LANs, Routers & switches, Network technology, wireless, WLAN, SSID, router, Wi-Fi, WPA-PSK

Discussion threads 2007-03-26

Enhanced Remote Desktop security with Windows Vista

Enhanced Remote Desktop security with Windows VistaAll Well and Good but......per MS' download center summary for XP Remote Desktop Connection 6.0 client:[i]"The Remote Desktop Connection 6.0 client can be used to connect to legacy terminal servers or to remote desktops as before, but the new features that are mentioned in...

Tags: VPNs, Network security, NETWORKING, Operating systems, remote desktop, security, Microsoft Windows Vista, SSH, IPSec, Microsoft Windows, RDP

Discussion threads 2007-03-13

Your Wi-Fi can tell people a lot about you

Your Wi-Fi can tell people a lot about youPublic Wi-fi NetworkWhen connecting to a public wi-fi, it should be considered, by default, 'hostile'.If you can at all afford to do so, taking the precaution to secure shell ssh tunnel to your home server will encrypt all traffic to that end-point.[1]There...

Tags: SSL/TLS, Authentication/Encryption, Network security, SECURITY, Financial services, keylogger, SSL, SSH, bank, Wi-Fi

Discussion threads 2007-03-02

Wakeup call for Solaris admins: SHUT TELNET!

Wakeup call for Solaris admins: SHUT TELNET!Bold statement"Most people just don't realize how buggy and full of security vulnerabilities there are in typical UNIX operating systems"telent is one and .....I don't think the Admins got the message. People still use Secure Shell?That's like using a basic ftp for sensitive...

Tags: Operating systems, Servers, Nothing, Sun Solaris 10, Lazy People, SSH, operating system, Sun Solaris, Unix, security, Telnetd, typical UNIX operating system, Telnet

Discussion threads 2007-02-12

Code posted for Solaris remote root exploit

Code posted for Solaris remote root exploitUnix admin 101Nobody with any sense runs telnet on anything, let alone internet facing.Doesn't everyone use SSH these days?NopeBeen using a Solaris workstation since 1997 (HP-UX for 7 years before that), telecommute with Linux and our products all run on Solaris, migrating to Linux,...

Tags: UNIX, Operating systems, Servers, Telnet, Sun Solaris, security

Discussion threads 2007-02-11

Layer 2 security; the forgotten front

Layer 2 security; the forgotten frontThat's just a real foolish attitude"Whilst locking down the network is important, how many of us are directly going to fiddle with Cisco routers? Also, what is the likelihood of such attacks? A security specialist I talked to once said that he found the most...

Tags: Regulatory compliance, security, Layer 2, attack, network

Discussion threads 2007-01-31

Internet Explorer 7 vs. Firefox 2.0: It's all about security (actually, lack thereof)

Internet Explorer 7 vs. Firefox 2.0: It's all about security (actually, lack thereof)Don't be so sure[i]No software except for "Hello World" is 100 percent secure. Ever.[/i]Actually, "hello world" is a lousy example, since it depends on a huge number of functions lower on the food chain that can be compromised.More...

Tags: Web browsers, Mozilla Firefox, Mozilla Firefox 2.0, flaw, Microsoft Internet Explorer, Microsoft Internet Explorer 7, security

Discussion threads 2006-10-30

The IT Commandments: Thou shalt not use nonsecure protocols on thy network

The IT Commandments: Thou shalt not use nonsecure protocols on thy networkTurn of HTTP while you're at it!Funny, it seems to me that the VAST MAJORITY of severe virus/spyware/adware problems flowed over HTTP! How about this: dump the idiot Web-based applications, and enforce a strict "deny all" policy on the...

Tags: Web technology, NETWORKING, Badware, Funny IT, HTTP, Telnet, network, IT Commandment

Discussion threads 2006-04-02

Another Mac OS X hack challenge launched

Another Mac OS X hack challenge launchedTrue, untill the give more information, this tells us nothing.And, how about puting a Windows OS machine online and giving out accounts. How long would that last? Actaully there is not the equivalent of SSH on Windows, so we can not do an apples...

Tags: Desktops, Operating systems, SECURITY, SSH, Apple Macintosh, Microsoft Windows, denial of service, Apple Mac OS X, Apple Mac OS

Discussion threads 2006-03-07

Mac OS X hacked in under 30 minutes

Mac OS X hacked in under 30 minutesThe article author is obviously pro-MSZDnet really should hire some more pro-Apple bloggers like Murph because this is getting ridiculous.This is a story?So, "some guy" makes an unsubstantiated claim using a method he won't discuss to hack a box set up in some...

Tags: Operating systems, Desktops, article author, FreeBSD, Microsoft Corp., Apple Macintosh, Apple Mac OS X, Apple Mac OS, hacker, OSX, Microsoft Windows, exploit

Discussion threads 2006-03-06

Are Mac users too complacent about security?

Are Mac users too complacent about security?Mac still has one good advantageMac OS X does one thing well and that is the way they handle default user permissions. Default users never run in root admin mode and that makes it harder to infect a Mac. Windows will not...

Tags: PRODUCTIVITY, Operating systems, Desktops, Microsoft Windows, distro, Mac-user, Apple Macintosh, computer, Linux, security

Discussion threads 2006-01-16