|
News News regarding BSD and related. |
|
Thread Tools | Display Modes |
|
|
|||
10,000 Linux servers hit by malware serving tsunami of spam and exploits
From http://arstechnica.com/security/2014...-and-exploits/
Quote:
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
|||
The report from Eset is an interesting read.
http://www.welivesecurity.com/wp-con...on_windigo.pdf The report explains what happened in the kernel.org attack in 2011, but Linux was not the only system attacked. From page 4 of the report: Quote:
Quote:
Quote:
Last edited by comet--berkeley; 23rd March 2014 at 07:24 PM. Reason: grammar and spelling |
|
||||
Yes, if a passphrase is selected, then SSH PKA can provide two-factor authentication. But passphrases are optional. Their use must be enforced by policy.
Any system that requres a user to authenticate two different ways -- a) something they have, combined with b) something they know -- are two-factor authentication methods. Other examples: RSA key fobs that provide changing sequences combined with a user PIN. Web applications that require both a client X.509 certificate and a password/passphrase. VPN clients that require workstation certificates combined with a password/passphrase. |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Yahoo XSS exploits going for $700 | J65nko | News | 1 | 28th November 2012 07:19 PM |
DNS Security: Old Vulnerabilities, New Exploits with Cricket Liu | crayoxide | Off-Topic | 8 | 23rd July 2008 08:09 AM |
URL evaluation tools to determine if serving malware | dk_netsvil | Off-Topic | 0 | 30th June 2008 04:55 PM |
Serving 2 domains through firewall using a Jail? | krreagan | General software and network | 1 | 4th May 2008 09:38 PM |