steal SSH credentials from OpenSSH client on Linux platform

For discussions about security.
belham2
Posts: 1715
Joined: Mon 15 Aug 2016, 22:47

#1 Post by belham2 »

http://www.securityweek.com/cia-tools-s ... -wikileaks

"....The other tool, Gyrfalcon 2.0, described in a document dated November 2013, is designed to steal SSH credentials from the OpenSSH client on Linux platforms.

Gyrfalcon is a library loaded into the OpenSSH client process address space. It collects OpenSSH session traffic, including usernames and passwords, compresses and encrypts the data, and stores it in a file. A third-party application is required to exfiltrate the file.
....."

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#2 Post by musher0 »

Hi belham2.

The CIA would be interested in stealing your SSH credentials because... ???

Tell me:
why would the CIA be interested in Joe Bloe Belham2 or Joe Bloe Musher0 ?

What do they do with these credentials, anyway?

BFN.
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)

rockedge
Posts: 1864
Joined: Wed 11 Apr 2012, 13:32
Location: Connecticut, United States

#3 Post by rockedge »

If the NSA were in my machines I would be upset they spent the taxpayers' money on accessing some extremely boring stuff with no value for now or the future.

musher0
Posts: 14629
Joined: Mon 05 Jan 2009, 00:54
Location: Gatineau (Qc), Canada

#4 Post by musher0 »

Hi rockedge.

Ask Agent Jones or Agent Smith to leave their business cards next time
they come snooping? :lol:

Meaning:
don't throw a fit, with that business card, you can get even. ;)

Joke aside, I wonder how much of that is modern folklore. People love
spooky stories and spy stories, y'know.

~~~~~~~~~~~~~

In the case of a kernel module being added, there's a simple way to
check your system's integrity, by listing the modules right after install and
checking that the list is the same every once in a while.

Same for the watchamacallit-falcon added library for OpenSSH: if it wasn't
there at time of install and all of a sudden it is.

If something's fishy, we re-install. It's as easy as 1-2-3 on Puppy Linux
-- PROVIDED YOU MAKE GOOD AND REGULAR BACK-UPS, FOLKS.

~~~~~~~~~~~~

Maybe it's the moon phase? We hadn't had a security scare in a while on
this forum... ;)

BFN.
musher0
~~~~~~~~~~
"You want it darker? We kill the flame." (L. Cohen)

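Added example (not part of musher0's post or of the thread): the baseline-and-compare check described in post #4, written in Python for /proc/modules and for the libraries mapped into a running ssh client as listed in /proc/<pid>/maps. All sample text, the module name constructed_mod and the library name libconstructed-extra.so are constructed for illustration; a module or library that hides itself from /proc would not show up in this check.

```python
# Added example: compare kernel modules and the libraries mapped into an
# ssh client against a baseline taken right after install.

def module_names(proc_modules_text):
    """Module names: first field of each /proc/modules line."""
    return {ln.split()[0] for ln in proc_modules_text.splitlines() if ln.strip()}

def mapped_libraries(proc_maps_text):
    """File-backed executable mappings from /proc/<pid>/maps content."""
    libs = set()
    for ln in proc_maps_text.splitlines():
        # Fields: address perms offset dev inode [pathname]
        f = ln.split(None, 5)
        if len(f) == 6 and "x" in f[1] and f[5].startswith("/"):
            libs.add(f[5].strip())  # a " (deleted)" suffix is kept on purpose
    return libs

def drift(baseline, current):
    """What appeared or disappeared since the baseline was recorded."""
    return {"added": sorted(current - baseline),
            "removed": sorted(baseline - current)}

# Constructed sample data (not taken from a real system).
BASELINE_MODULES = """\
ext4 585728 1 - Live 0xffffffffc0200000
snd_hda_intel 40960 3 - Live 0xffffffffc0a1b000
"""
CURRENT_MODULES = BASELINE_MODULES + "constructed_mod 16384 0 - Live 0xffffffffc0b00000\n"

BASELINE_MAPS = """\
00400000-004b2000 r-xp 00000000 08:01 131090 /usr/bin/ssh
7f1a2c000000-7f1a2c1c0000 r-xp 00000000 08:01 262301 /lib/libc-2.23.so
7f1a2c400000-7f1a2c600000 r-xp 00000000 08:01 262410 /lib/libcrypto.so.1.0.0
7f1a2c800000-7f1a2c821000 rw-p 00000000 00:00 0 [heap]
7ffd3b1f0000-7ffd3b1f2000 r-xp 00000000 00:00 0 [vdso]
"""
CURRENT_MAPS = BASELINE_MAPS + (
    "7f1a2ca00000-7f1a2ca20000 r-xp 00000000 08:01 270001 "
    "/usr/lib/libconstructed-extra.so\n")

if __name__ == "__main__":
    print("modules:", drift(module_names(BASELINE_MODULES),
                            module_names(CURRENT_MODULES)))
    print("ssh libs:", drift(mapped_libraries(BASELINE_MAPS),
                             mapped_libraries(CURRENT_MAPS)))
```

On a live system, pass the functions the contents of /proc/modules and of /proc/<pid>/maps for the ssh process, and keep the baseline somewhere the running system cannot rewrite it.
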
8Geee
Posts: 2181
Joined: Mon 12 May 2008, 11:29
Location: N.E. USA

#5 Post by 8Geee »

If one is playing at a kasino on-line, almost all kasinos use SSH to TX/RX game info.
It's not openssl as one might think.

Regards
8Geee
Linux user #498913 "Some people need to reimagine their thinking."
"Zuckerberg: a large city inhabited by mentally challenged people."

Burn_IT
Posts: 3650
Joined: Sat 12 Aug 2006, 19:25
Location: Tamworth UK

#6 Post by Burn_IT »

"Maybe it's the moon phase? We hadn't had a security scare in a while on
this forum... ;)"
A werepuppy!!???
"Just think of it as leaving early to avoid the rush" - T Pratchett
