Compromised SSH Keys Lead To Linux Rootkit Attack 79
Tech Groupie writes "The US Computer Emergency Readiness Team (CERT) has issued a warning for what it calls 'active attacks' against Linux-based computing infrastructures using compromised SSH keys. The attack appears to initially use stolen SSH keys to gain access to a system, and then uses local kernel exploits to gain root access. Once root access has been obtained, a rootkit known as 'phalanx2' is installed."
This just in: (Score:5, Funny)
Stolen login credentials leads to unauthorized access of computer resources!
Re:and (Score:1, Funny)
Re:As usual... (Score:4, Funny)
Change your keys regularly, and revoke the key as soon as you have the slightest doubt it's been compromised.
/me gives Redhat a dirty look.
New attack vector! (Score:3, Funny)
This may rival the DNS vulnerability.
Re:and (Score:3, Funny)
Dude, that's like building an electronic voting machine and putting anti-virus software on it.
No, wait...
Re:and (Score:2, Funny)
Condoms are only effective at reducing relative risk vs unprotected connections by about 70 to 85% - source [wikipedia.org]. As always, the only safe way is abstinence! Not that anyone around here will listen to that; I bet most /.'ers are in promiscuous mode...
Re:This just in: (Score:1, Funny)
I only eyeball the packets that have the evil bit set.
I am invulnerable to this attack! (Score:2, Funny)
I have sucessfully computed a easy and 100% affective plan to stop this attack I have cleared the cookies, defragmented the memory drive, emptyed the recycle bin and set the Internet security zone to 'high'. Last off all I downloaded the latest Linux Kernal and extracted it to C drive.
Now it will not affect me i advice everyone else just follow these simple steps and you will be safe to.
Re:and (Score:3, Funny)
Does that make abstinence preconceived murder?