[TUHS] YP / NIS / NIS+ / LDAP
krewat at kilonet.net
Wed Nov 7 11:38:53 AEST 2018
On 11/6/2018 5:29 PM, Dan Cross wrote:
> If authentication is happening by users typing passwords into SSH
> clients, which then get sent to SSH servers to be validated against
> the KDC on machines that have been so cracked, an attacker can steal
> passwords by subverting the SSH server processes.
One of the most fun things I've done in the past few years was to take
OpenSSH and make it dump the attempted password while hackers are trying
to brute-force my inbound SSH.
They've stopped for some reason. Now they just try TELNET over and over
again. Mostly from exploited cameras.
More information about the TUHS