Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Fri 18 Aug 2017, 05:12
All times are UTC - 4
 Forum index » Off-Topic Area » Security
steal SSH credentials from OpenSSH client on Linux platform
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [6 Posts]  
Author Message
belham2

Joined: 15 Aug 2016
Posts: 898

PostPosted: Sat 08 Jul 2017, 13:44    Post subject:  steal SSH credentials from OpenSSH client on Linux platform  

http://www.securityweek.com/cia-tools-stealing-ssh-credentials-exposed-wikileaks

"....The other tool, Gyrfalcon 2.0, described in a document dated November 2013, is designed to steal SSH credentials from the OpenSSH client on Linux platforms.

Gyrfalcon is a library loaded into the OpenSSH client process address space. It collects OpenSSH session traffic, including usernames and passwords, compresses and encrypts the data, and stores it in a file. A third-party application is required to exfiltrate the file.
....."
Back to top
View user's profile Send private message 
musher0


Joined: 04 Jan 2009
Posts: 10649
Location: Gatineau (Qc), Canada

PostPosted: Sat 08 Jul 2017, 13:58    Post subject:  

Hi belham2.

The CIA would be interested in stealing your SSH credentials because... ???

Tell me:
why would the CIA be interested in Joe Bloe Belham2 or Joe Bloe Musher0 ?

What do they do with these credentials, anyway?

BFN.

_________________
musher0
~~~~~~~~~~
« Un insensé sur le trône n'est qu'un singe sur le haut d'un toit. » / "A madman
on the throne is just a monkey on top of a roof." (Bernard de Clervaux)
Back to top
View user's profile Send private message 
rockedge


Joined: 11 Apr 2012
Posts: 371
Location: Connecticut, United States

PostPosted: Sat 08 Jul 2017, 15:56    Post subject:  

if the NSA were in my machines I would be upset they spent the tax payers money on accessing some extremely boring stuff with no value for now or the future.
Back to top
View user's profile Send private message Visit poster's website 
musher0


Joined: 04 Jan 2009
Posts: 10649
Location: Gatineau (Qc), Canada

PostPosted: Sat 08 Jul 2017, 19:04    Post subject:  

Hi rockedge.

Ask Agent Jones or Agent Smith to leave their business cards next time
they come snooping? Laughing

Meaning:
don't throw a fit, with that business card, you can get even. Wink

Joke aside, I wonder how much of that is modern folklore. People love
spooky stories and spy stories, y'know.

~~~~~~~~~~~~~

In the case of a kernel module being added, there's a simple way to
check your system's integrity, by listing the modules right after install and
checking that the list is the same every once and a while.

Same for the watchamacallit-falcon added library for OpenSSH: if it wasn't
there at time of install and all of sudden it is.

If something's fishy, we re-install. It's as easy as 1-2-3 on Puppy Linux
-- PROVIDED YOU MAKE GOOD AND REGULAR BACK-UPS, FOLKS.

~~~~~~~~~~~~

Maybe it's the moon phase? We hadn't had a security scare in a while on
this forum... Wink

BFN.

_________________
musher0
~~~~~~~~~~
« Un insensé sur le trône n'est qu'un singe sur le haut d'un toit. » / "A madman
on the throne is just a monkey on top of a roof." (Bernard de Clervaux)
Back to top
View user's profile Send private message 
8Geee


Joined: 12 May 2008
Posts: 1139
Location: N.E. USA

PostPosted: Mon 17 Jul 2017, 20:41    Post subject:  

If one is playing at a kasino on-line, almost all kasinos use SSH to TX/RX game info.
Its not openssl as one might think.

Regards
8Geee

_________________
Linux user #498913
Back to top
View user's profile Send private message 
Burn_IT


Joined: 12 Aug 2006
Posts: 2855
Location: Tamworth UK

PostPosted: Tue 18 Jul 2017, 11:09    Post subject:  

Quote:
Maybe it's the moon phase? We hadn't had a security scare in a while on
this forum... Wink
A werepuppy!!???
_________________
"Just think of it as leaving early to avoid the rush" - T Pratchett
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [6 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0396s ][ Queries: 11 (0.0033s) ][ GZIP on ]