On Jun 29, 2017 3:52 PM, "stan" <stanl-fedorau...@vfemail.net> wrote:
Wikileaks released a document about an attack against CentOS / Rhel. https://wikileaks.org/vault7/#OutlawCountry Here's the text, there are some docs there also. <snip> My first take is that this doesn't represent a very serious threat. Do you disagree? > Prerequisites(S//NF) > The target must be running a compatible 64-bit version of CentOS/RHEL 6.x (kernel version 2.6.32). This doesn't even work on Fedora. Fedora kernels move too fast for them to keep up with binaries; they would have to use the source and rebuild it akmod style on every kernel upgrade. They aren't doing this; they want to keep their stuff secret. It could, however, have been ported to RHEL7 (and not leaked). > (S//NF) The Operator must have shell access to the target. So you have to already have a vulnerability or have a server administrator in the CIA's pocket. This is just a rootkit they use once they already have the keys to kingdom.
_______________________________________________ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org
