BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

urgent notice on Linux security (fwd)

Subject: urgent notice on Linux security (fwd)
From: jjohnson at sunrise-linux.com (miah)
Date: Mon, 12 Jan 2004 16:11:45 -0800
In-reply-to: <Pine.LNX.4.58.0401121537400.26725@uni.thekramers.net>
References: <Pine.LNX.4.58.0401121537400.26725@uni.thekramers.net>

On Mon, Jan 12, 2004 at 03:38:21PM -0500, David Kramer wrote:
> The crackers binary-patched the kernel of the affected machines as
> they were running so as to hide files and processes. Something was
> wedged in there that managed to extract passwords from SSH
> connections. Needless to say, all of us who have either logged into
> or out of accounts on the known affected machines have been advised
> to change our passwords at once.

Another reason to not use passwords for loging into the the system.  SSH Provides key based authentication, you should use it.

-miah

References:
- urgent notice on Linux security (fwd)
  - From: david at thekramers.net (David Kramer)

Prev by Date: urgent notice on Linux security (fwd)
Next by Date: Novell buys SUSE and insures Linux users
Previous by thread: urgent notice on Linux security (fwd)
Next by thread: urgent notice on Linux security (fwd)
Index(es):
- Date
- Thread


BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Boston Linux & Unix / webmaster@blu.org