Language Selection

English French German Italian Portuguese Spanish

Linux under attack: Compromised SSH keys lead to rootkit

Filed under
Linux
Security

The U.S. Computer Emergency Readiness Team (CERT) has issued a warning for what it calls “active attacks” against Linux-based computing infrastructures using compromised SSH keys.

The attack appears to initially use stolen SSH keys to gain access to a system, and then uses local kernel exploits to gain root access. Once root access has been obtained, a rootkit known as "phalanx2" is installed, US-CERT said in a note on its current activity site.

Phalanx, which dates back to 2005, is a self-injecting kernel rootkit designed for the Linux 2.6 branch. It allows an attacker to hide files, processes and sockets and includes a tty sniffer, a tty connectback-backdoor, and auto injection on boot.

More Here




More in Tux Machines

Red Hat CTO unexpectedly quits, amid rumors of executive 'friction'

No-one among the rank and file at Red Hat seem to have seen this coming. In a move the Linux giant's staffers said was "shocking" and a "punch in the gut," long-time Red Hat chief technology officer Brian Stevens has resigned. In a short press release, the company announced: "Brian Stevens will step down as CTO." In the same release, Red Hat's president and chief executive Jim Whitehurst said, "We want to thank Brian for his years of service and numerous contributions to Red Hat’s business. We wish him well in his future endeavors." Read more

Is Microsoft engaging in digital imperialism?

Windows, the common carrier of Microsoft, is such a sordid mess that it suffers regular glitches and conducts mass surveillance on users. Microsoft knows that without Windows it cannot survive, so dirty tricks resume in a very big way. This is not a beep on the radar but somewhat of a surge. Nothing is going to change in Munich, but Microsoft is trying to maintain an international/universal perception that the migration to GNU/Linux was a disaster. Numerous anonymous blogs were created to attack Munich over this and provocateurs of Microsoft loved citing them, only to be repeatedly proven wrong. Microsoft is trying to make an example out of Munich in all sorts of nefarious ways. We need to defend Munich from this malicious assault by the convicted monopolist and corrupt enterprise that’s acting as though it fights for its very survival (while indeed laying off tens of thousands of employees). Read more

Shortlist of open source software used at NASA lab

Yes! We use a lot of open source. The short list includes Python, GitHub, Processing, VLC, jQuery, D3.js, Blender, VRUI, ImageJ, VMD, ParaView, MeshLab, VNC, ImageMagick, SWIG, Emacs, and many more. We like using open source because it gives us more flexibility because of licensing and allows us the opportunity to contribute back to the community using our expertise. Our favorite open source project that we work on is OpenMDAO. This project is run out of another Division at our Center. Our team provides some programming support. OpenMDAO is an open source Multidisciplinary Design Analysis and Optimization (MDAO) framework, written in Python. You can use it to develop an integrated analysis and design environment for your engineering challenges. Read more

GSoC: Thumping the Malaria and voyaging in cosmos with KStars

Let's talk about my project now. KStars is desktop planetarium application under KDE Education Projects. I developed QML based cool interface to enable users to browse through image database of community of astrophotographers (i.e. astrobin.com) which contains more than 1,20,000 (number is increasing everyday) real time and very high resolution images along with various information related to them (i.e. Date on which image was captured, Bortle Dark-Sky Scale, RA Centre, DEC Centre, Telescope or Camera used, Description added by astrophotographer etc). I am sure that this browser will enthrall school children by showing them real time images of stars and galaxies located at hundreds of light year far from earth. Read more