http://www.securityweek.com/cia-tools-s ... -wikileaks
"....The other tool, Gyrfalcon 2.0, described in a document dated November 2013, is designed to steal SSH credentials from the OpenSSH client on Linux platforms.
Gyrfalcon is a library loaded into the OpenSSH client process address space. It collects OpenSSH session traffic, including usernames and passwords, compresses and encrypts the data, and stores it in a file. A third-party application is required to exfiltrate the file......"
steal SSH credentials from OpenSSH client on Linux platform
Hi rockedge.
Ask Agent Jones or Agent Smith to leave their business cards next time
they come snooping?
Meaning:
don't throw a fit, with that business card, you can get even.
Joke aside, I wonder how much of that is modern folklore. People love
spooky stories and spy stories, y'know.
~~~~~~~~~~~~~
In the case of a kernel module being added, there's a simple way to
check your system's integrity, by listing the modules right after install and
checking that the list is the same every once in a while.
Same for the watchamacallit-falcon added library for OpenSSH: if it wasn't
there at time of install and all of a sudden it is.
If something's fishy, we re-install. It's as easy as 1-2-3 on Puppy Linux
-- PROVIDED YOU MAKE GOOD AND REGULAR BACK-UPS, FOLKS.
~~~~~~~~~~~~
Maybe it's the moon phase? We hadn't had a security scare in a while on
this forum...
BFN.
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)
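The baseline-and-compare check described in musher0's post, as an added example that is not part of the original thread: it records kernel module names and the shared libraries mapped into running ssh client processes, then reports anything absent from the baseline. The baseline directory `BASE` and the function names are assumptions made for this example.

```shell
#!/bin/sh
# Added example: compare kernel modules and the libraries mapped into ssh
# client processes against a baseline recorded on the fresh install.
# BASE is a hypothetical path; keep the baseline on read-only or offline media.
BASE="${BASE:-/root/integrity-baseline}"

# Module names (first field) from a /proc/modules-format file, sorted.
module_names() {
    awk '{print $1}' "${1:-/proc/modules}" | LC_ALL=C sort -u
}

# Shared-object paths from a /proc/<pid>/maps-format file, sorted.
# Field 6 is the backing file; anonymous mappings have none.
mapped_libs() {
    awk '$6 ~ /\.so($|\.)/ {print $6}' "$1" | LC_ALL=C sort -u
}

# Lines in the current list ($2) that are absent from the baseline ($1).
new_entries() {
    LC_ALL=C comm -13 "$1" "$2"
}

# Libraries mapped by every running process named exactly "ssh".
ssh_libs_now() {
    for pid in $(pgrep -x ssh); do
        [ -r "/proc/$pid/maps" ] && mapped_libs "/proc/$pid/maps"
    done | LC_ALL=C sort -u
}

case "${1:-}" in
baseline)   # run once after install, as root, with one ssh session open
    mkdir -p "$BASE" && module_names > "$BASE/modules" \
        && ssh_libs_now > "$BASE/ssh-libs" ;;
check)      # run periodically; every line printed was not there at install
    t=$(mktemp -d) || exit 1
    module_names > "$t/modules"
    ssh_libs_now > "$t/ssh-libs"
    new_entries "$BASE/modules"  "$t/modules"  | sed 's/^/NEW MODULE: /'
    new_entries "$BASE/ssh-libs" "$t/ssh-libs" | sed 's/^/NEW SSH LIB: /'
    rm -rf "$t" ;;
esac
```

Package updates also change these lists, so a reported line is a prompt to investigate, and a compromised kernel can hide a module from `/proc/modules`, so a clean result is not proof of integrity.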