Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Frackin script kiddies!!



On Aug 3, 2010, at 12:27 AM, Jarod Wilson wrote:
> 
> They can launch the same brute force attack and/or go for exploits
> against ssh. Or an ipsec vpn. Or anything public-facing. But

No, they can't, not with SSH.  A brute-force attack cannot work without the correct half of the key pair.  There are other potential avenues of attack against SSH but they are harder than SSL because SSH is auth + encryption while SSL is just encryption, unless you use X.509 authentication.

> seriously, who is going to expend the effort brute-force attacking my
> mythtv box to delete some recordings?

"Whoever broke into David Kramer's MythTV box" is a good start to that list.

--Rich P.









BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org