[opensuse] Bootnet Windigo in light + How to give away passwords
Eset has plublished a very detailed paper on the Bootnet Windigo : it try every simple root password and infect Linux server : http://www.welivesecurity.com/2014/03/18/operation-windigo-the-vivisection-o... Read it, very clever ! • Totally silent if tcpdump detected (« promiscuous mode ») • The same if “support” “webmaster” or “webmin” found • Use file names stating with space (!) or dot • Send stolen passwords using DNS request (!) • gmail, yahoo… mailboxes tests before real spamming • Malware « regions » : US Canada UK ect… / rest of the world ( depending if SMTP port is generally blocked) So my question is : which hardware tool can we use for double authentication compatible with OpenSUSE ? Should be : cheap, light. USB. Open (no closed dongle black-box). Compatible with every password forms (web sites, KDE lock, even console "init 3" login...) -- : ` _..-=-=-=-.._.--. Dsant, from Lyon, France `-._ ___,..-'" -~~` __') forum@votreservice.com jgs `'"---'"`>>"'~~"~"~~>>'` =====================```========```======== -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (1)
-
Dsant