SEARCH RESULTS
 
Showing 1-9 of 9 records
1
 
Expand article

Is Your Amazon Machine Image Vulnerable to SSH Spoofing Attacks?

The Article has images
2008-07-14 16:26:40 by Craig Balding in Cloud Security
...SSH ( Secure Shell ) host keys each time you launch an instance. This enables you to get the host SSH keys from the console output and verify the host to which you are connecting Important note: SSH host keys enable clients to verify the server identity (are you really my server?) and are separate from SSH user keys that allow the user to...
 
Tags: ssh, limit ssh access, ssh host keys, host keys, ssh user keys, amazon, host ssh keys, amazon machine image, initial ssh connection
 
 
 
 
Expand article

CERT Warns About Phalanx Attacks Against Linux Servers

2008-08-27 16:03:19 by CyberInsecure in CyberInsecure.com
 
The US Computer Emergency Readiness Team (CERT) is warning about attacks in the wild against Linux systems with compromised SSH keys. The attacks appear to use stolen SSH keys to take hold of a targeted machine and then gain root access by exploiting weaknesses in the kernel. The attacks then install a rootkit known as
 
Tags: attacks, ssh keys, gain root access, linux systems, cert, rootkit, install, weaknesses, wild
 
 
 
 
Expand article

Is Interop about inter-operational anymore?

2008-05-01 05:43:31 by HASH0x8b7888c in StillSecure, After All These Years
 
...SSH'ing into switches is a scalable way to perform NAC enforcement, but really don't fit. Most of the other NAC vendors frankly don't even give much lip service to interoperability. The same is true for many of the networking vendors as well. What is the shiny new box from Foundry or HP ProCurve. Who has a bigger booth, whose booth is smaller...
 
Tags: vendors, switch vendors, vendors care, nac vendors frankly, frankly, nac vendors, interop, anymore, network world folks
 
 
 
 
Expand article

Debian OpenSSL Blunder

2008-05-15 09:19:37 by Editor in Cheap Hack
 
...SSH account in a couple hours on 31 2.33GHz Xeon cores and he has published them. The ISC also makes the point that to fix the damage caused by this problem you don't just update your software, you have to recreate certificates, get them signed again, and reencrypt . Other Debian-based distributions, such as Ubuntu, are also affected; in...
 
Tags: openssl, bit rsa keys, keys, public key, public, public keys, moore explains, moore, debian
 
 
 
 
Expand article

With rootkit talk coming, Cisco patches router flaws

2008-05-22 13:00:00 by Editor in Computerworld Security News
 
Cisco Systems has issued patches for several products, including the SSH server software used by its routers
 
Tags: ssh server software, patches, cisco systems, routers, products
 
 
 
 
Expand article

Feature Request #1: Stable Code

2008-06-30 04:01:00 by JJ in Security Uncorked
 
...SSH, SNMP, DHCP and 802.1X functions. Before you add another bell or tweak another whistle, please make what you have works consistently. That should be first, so its my Feature Request #1 Respectfully jj
 
Tags: code, stable code, support, post-sales support, current maintenance contract, current, maintenance contract, security engineer, security
 
 
 
 
Expand article

An insecurity in OpenID, not many dead

2008-08-09 01:33:39 by Richard Clayton in Light Blue Touchpaper
 
...SSH keys, but in practice lots of different applications were at risk ( see long list here In particular, SSL certificates (as used to identify https websites) might contain one of these weak keys and so it would be possible for an attacker to successfully impersonate a secure website. Of course the attacker would need to persuade you to...
 
Tags: openid, openid codebases, certs, weak certs, weak, openid sites, sun, suns openid website, trusts sun
 
 
 
 
Expand article

The Bot Hunter: An Event Processing Challenge

2008-08-15 09:35:00 by Tim Bass in The Complex Event Processing Blog
 
...SSH or HTTP. There will be no physical access to the server. No exceptions Preferrably, the configuration can be done with a Web-Based Interface (WBI) - a browser Your solution will listen to continuous updates to the Apache2 access log, exact location configurable in your solution, and identify robots ( bots), also known as spiders, from the...
 
Tags: bot, winner, bot hunter winner, bot based, non-bot results, results, bot scorecard, solution, block rogue bots
 
 
 
 
Expand article

Whit Diffie on Encryption and PKI

2008-11-10 00:00:00 by HASH0x8b583ec in Network World on Security
 
In the 1970s, Whitfield Diffie co-wrote the recipe for one of today's most widely used security algorithms in a paper called "New Directions in Cryptography." The paper was a blueprint of what came to be known the Diffie-Hellman key exchange, a seismic advancement in Public Key Infrastructure (PKI) technology that makes secure online...
 
Tags: diffie-hellman key exchange, secure sockets layer, public key infrastructure, secure online transactions, whitfield diffie co-wrote, popular protocols, paper, pki, seismic advancement
 
 
 
 
 
Showing 1-9 of 9 records
1