ssh – WindowsTechs.com

QID 38909 SHA1 deprecated setting for SSH (RHEL 8.6)

Posted on December 23, 2024 by Ajay Ganvir

I am trying to solve vulnerability reported for QID 38909 i.e SHA1 deprecated setting for SSH. I have hardened the sshd configs in /etc/ssh/sshd_config and /etc/crypto-policies/backends/openssh and opensshserver.config. below is the ouput … Continue reading QID 38909 SHA1 deprecated setting for SSH (RHEL 8.6)→

BellaCPP: Discovering a new BellaCiao variant written in C++

Posted on December 20, 2024 by Mert Degirmenci

While investigating an incident involving the BellaCiao .NET malware, Kaspersky researchers discovered a C++ version they dubbed “BellaCPP”. Continue reading BellaCPP: Discovering a new BellaCiao variant written in C++→

Story of the Year: global IT outages and supply chain attacks

Posted on December 9, 2024 by Alexander Liskin, Vladimir Kuskov, Igor Kuznetsov, Vitaly Kamluk

While the CrowdStrike incident is still fresh in our minds, Kaspersky experts look back on similar IT outages that happened in 2024 and predict potential threats for 2025. Continue reading Story of the Year: global IT outages and supply chain attacks→

Pedaling your Mobile Web Server Across the Globe

Posted on December 8, 2024 by Heidi Ulrich

Front view of blue bicycle with Raspberry Pi webserver

We tinkerers often have ideas we know are crazy, and we make them up in the most bizarre places, too. For example, just imagine hosting a website while pedaling across …read more Continue reading Pedaling your Mobile Web Server Across the Globe→

How to Add an SSH Fingerprint to Your known_hosts File in Linux

Posted on December 4, 2024 by Jack Wallen

If your Linux shell scripts are getting tripped up by SSH fingerprints, follow this concise tutorial for an easy solution. Continue reading How to Add an SSH Fingerprint to Your known_hosts File in Linux→

How can crypto miners access my computer [closed]

Posted on November 11, 2024 by schogol

first I noticed that there is a process named kswapd0 using 100% of 4 out of 8 CPU cores. I killed it several times and then added to /etc/sysctl.conf the line
vm.swappiness=10

After that there appeared another process named kauditd0 usin… Continue reading How can crypto miners access my computer [closed]→

Relative security of ssh password and public key to remote systems

Posted on October 21, 2024 by Chris Green

I just know everyone is going to shout at me that public key is better but let me spell out the actual scenario first.
I have a small LAN at home, basically I’m the only regular user but other members of the family are connected occasional… Continue reading Relative security of ssh password and public key to remote systems→

Could there be a legitimate reason for a SSH server to allow null authentication, to anyone?

Posted on October 16, 2024 by security_paranoid

I recently recalled a memory of when I had once, a fair while ago, accidentally tried to login to the wrong (mistyped) SSH server, and it allowed me access without the correct credentials: null authentication.
I thought nothing of it at th… Continue reading Could there be a legitimate reason for a SSH server to allow null authentication, to anyone?→

Error connecting to SSH through plink.exe [closed]

Posted on October 9, 2024 by K1ng

plink.exe -v -l root -pw toor -R 445:localhost:445 <My IP>

Looking up host "My IP" for SSH connection
Connecting to "My IP" port 22
We claim version: SSH-2.0-PuTTY_Release_0.81
Failed to connect to "My IP&qu… Continue reading Error connecting to SSH through plink.exe [closed]→

RHEL in FIPS mode ignores crypto subpolicy

Posted on September 26, 2024 by Kevin Keane

I have a number of RHEL 8 and RHEL 9 systems with FIPS mode enabled. I’m trying to use a crypto subpolicy to disable CBC ciphers, but the subpolicy seems to be ignored in FIPS mode even though it is applied correctly.
The same subpolicy wo… Continue reading RHEL in FIPS mode ignores crypto subpolicy→