Re: [Trisquel-users] I think I caught Widigo

2017-02-07 Thread legimet . calc
If you don't use it, then disable it: systemctl disable ssh

Re: [Trisquel-users] I think I caught Widigo

2017-02-07 Thread g . smyli
Operation Windigo is a highly sophisticated attack, ever changing, linked to command and control centers and compromising web servers serving up malicious DNS answers so that the victim is relayed through chains of compromised servers, installing back doors (accessible through ssh and through

Re: [Trisquel-users] I think I caught Widigo

2017-02-07 Thread greatgnu
He already provided the link at the end of the initial post. Here. http://www.welivesecurity.com/wp-content/uploads/2014/03/operation_windigo.pdf

Re: [Trisquel-users] I think I caught Widigo

2017-02-07 Thread calmstorm
This reminds me of what happened less than a week ago, two developer addons appeared on my abrowser and I wondered how the hell it happened... I was using Trisquel7 mini at the time... I am currently now using Uruk. Other package managers are supposedly going to be an option on uruk. I

Re: [Trisquel-users] I think I caught Widigo

2017-02-07 Thread g . smyli
sudo md5sum /lib/x86_64-linux-gnu/libkeyutils.so.1.5
45598330193c7f910453f603b358edd4 /lib/x86_64-linux-gnu/libkeyutils.so.1.5
That doesn't look right, eh?

Re: [Trisquel-users] I think I caught Widigo

2017-02-07 Thread calmstorm
Strange, though, that you got any virus on a GNU/Linux operating system. It is supposed to be nearly impossible to get one on GNU/Linux, even if it is a GNU/Linux distro based off of Ubuntu. I have heard Ubuntu and Debian have a lot more bugs for whatever reason than say, Fedora and

Re: [Trisquel-users] I think I caught Widigo

2017-02-07 Thread greatgnu
>Maybe firmware was altered. I'd hate to think it but...
That is possible, but it requires a powerful attacker. Script kiddo can't do that AFAIK.
>And I learned that NoScript's ABE functionality is no joke. It has the intention of stopping malware from learning about your LAN and passing

Re: [Trisquel-users] I think I caught Widigo

2017-02-07 Thread g . smyli
Re Trisquel infrastructure: I sure hope not. I'm loving Trisquel 8 so far. I definitely got a rootkit though so I am reformatting my whole system. And it really lit a fire under my fanny to figure out much more about how to protect myself. The internet is one scary monster these days. I

Re: [Trisquel-users] I think I caught Widigo

2017-02-07 Thread radiowavers
WTF Trisquel is backdoored now?

Re: [Trisquel-users] I think I caught Widigo

2017-02-07 Thread calmstorm
This is probably a remnant of Ubuntu within it. I am sure Ruben has no intention to keep that there.

Re: [Trisquel-users] I think I caught Widigo

2017-02-07 Thread g . smyli
Uruk eh? I'll have to check it out. If you can't get to the forum with Abrowser you would be the fourth person I know of having had that issue recently. 2 with Midori and 2 with Abrowser. brashley46 posted screenshots at https://trisquel.info/en/forum/flidas-and-abrowser of Midori trouble

Re: [Trisquel-users] I think I caught Widigo

2017-02-07 Thread legimet . calc
No, I downloaded the Ubuntu package (1.5.9-8ubuntu1), and that is the checksum that I got.

Re: [Trisquel-users] I think I caught Widigo

2017-02-07 Thread g . smyli
O.K, that's reassuring, thanks guys. Also I haven't had a reason to use ssh for a while but I'll remember to set up the key-based authentication when I do. Thanks again.

Re: [Trisquel-users] I think I caught Widigo

2017-02-07 Thread g . smyli
This is a little more info.
1 Yes - It does have a different name.
locate libkeyutils.so
/lib/x86_64-linux-gnu/libkeyutils.so.1
/lib/x86_64-linux-gnu/libkeyutils.so.1.5
sudo md5sum /lib/x86_64-linux-gnu/libkeyutils.so.1.5
45598330193c7f910453f603b358edd4 /lib/x86_64-linux-gnu/libkeyutils.so.1.5

Re: [Trisquel-users] I think I caught Widigo

2017-02-07 Thread legimet . calc
45598330193c7f910453f603b358edd4 is right. I just downloaded the package and that is what I get. You should be fine.

Re: [Trisquel-users] I think I caught Widigo

2017-02-07 Thread legimet . calc
The ssh -G test no longer works since -G is a legitimate option since OpenSSH 6.8. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=796599, https://www.openssh.com/txt/release-6.8, and https://github.com/eset/malware-ioc/tree/master/windigo. The last link gives other methods of

[Trisquel-users] I think I caught Widigo

2017-02-07 Thread g . smyli
I installed Trisquel 8 on 01/12/2017. Soon, I think it was the first day but am not sure, I had a problem with Abrowser and the Trisquel site which I posted here - https://trisquel.info/en/forum/flidas-and-abrowser I ended up without Abrowser and was pretty happy using dooble except I

Re: [Trisquel-users] I think I caught Widigo

2017-01-25 Thread mappack
Oh, I didn't see that. Thanks!

Re: [Trisquel-users] I think I caught Widigo

2017-01-24 Thread mappack
Could you give me a link to the pdf file?