Skip to main content

Search

Items tagged with: ssh


 

Show HN: The Cyber Plumber's Handbook – SSH Tunnel Like a Boss


Looking to get some feedback from the Hacker News community.

I wrote the book with a focus on penetration testers and red teamers, but there are great examples for network admins, developers, and blue team defenders as well.

You can pick up a copy for free here through May 19, 2019: https://gumroad.com/l/the_cyber_plumbers_handbook/hackernews...

Please note, because it's hosted on Gumroad, it does require an email. If you don't want to give out your actual email, check out an anonymous email service. I give it away to students for free, so if you know of one that might like it, send them here to get instructions: https://cph.opsdisk.com

About The Cyber Plumber's Handbook...

This book is packed with practical and real world examples of SSH tunnel... show more


 

Cisco Nexus 9000 Switches Allow SSH As Root


HN Discussion: https://news.ycombinator.com/item?id=19914466
Posted by sky_nox (karma: 217)
Post stats: Points: 133 - Comments: 44 - 2019-05-14T22:32:28Z

#HackerNews #9000 #allow #cisco #nexus #root #ssh #switches
HackerNewsBot debug: Calculated post rank: 103 - Loop: 134 - Rank min: 100 - Author rank: 60


 

This Week in Security: Backdoors in Cisco Switches, PGP Spoofing in Emails, Git Ransomware


Bild/Foto

#hackadaycolumns #news #securityhacks #blockchain #git #pgp #ssh #thisweekinsecurity #hackaday
posted by pod_feeder_v2
This Week in Security: Backdoors in Cisco Switches, PGP Spoofing in Emails, Git Ransomware


 
Cisco: Spionage-Backdoor in amerikanischen Switches geschlossen #Netzwerk #Backdoor #Bundesregierung #Datensicherheit #DeutscherBundestag #Fernwartung #NSA #Router #Router-Lücke #SSH


 

S9 Antminer's root password "admin" - change immediately!!!


I now own a #S9 #Antminer from #Bitmain for some weeks (already). It runs really loud and I turn it only on when I'm out of house or want to have it running. It has a nice web interface and even #SSH with root (some #Linux embeded system). I setup quickly everthing and mining #Peercoins is working as expected (I run it in eco-mode). But what I later found out is that the SSH root password is simply "admin" which is a well-known password.

So here is my advice: If you intend to buy and run it (locally or on public Internet) please *do change* your SSH password! If you fail to do so, somebody might be able to change your pool login data and then he is receiving the coins you want to mine on your electricity bill! And I'm sure that he will then change root password to his own so you have to (somehow?) flush the memory to have factory-default settings (including password, I hope) back.

Here are some pictures of my miner, including screenshots which is just below my computer table (and it can be very noisy): #Nextcloud


 
If you have an IoT device in your home, you could be receiving an average of 13 login attempts to these devices per minute.That’s what I found in my latest research project.Over the past 3 months,I’ve setup and monitored 10 honeypots located across 5 different continents.These have been waiting patiently for SSH login attempts to better understand how often you face cybercriminals knocking at your network’s metaphorical front door.
#IoT #honeypots #SSH #cybercriminal #COMPUTER #TECHNOLOGY #SOFTWARE #HARDWARE #INTERNET #WEB


 

The problem with ssh agent forwarding

After hacking the matrix.org website today, the attacker opened a series of GitHub issues mentioning the flaws he discovered. In one of those issues, he mentions that “complete compromise could have been avoided if developers were prohibited from using [SSH agent forwarding]“.
#ssh #security #root #server #configuration #matrix #hack


 
Basic #tmux #Tutorial - Windows, Panes, and Sessions over #SSH #linux #terminal [partagé via #DiasporaForAndroid]


 

Using a Yubikey as smartcard for SSH public key authentication


Contributed by Paul 'WEiRD' de Weerd on 2019-03-21 from the shire lease dept. Ken Westerback (krw@) writes in with his report from a2k19, the hackathon in New Zealand: Due to an earlier (pre-737Max)…
Article word count: 128

HN Discussion: https://news.ycombinator.com/item?id=19566126
Posted by sverige (karma: 4874)
Post stats: Points: 117 - Comments: 39 - 2019-04-03T18:56:11Z

#HackerNews #authentication #for #key #... show more


 
Ab sofort gibt es offizielle eine Raspberry-Pi-Maus und ein Pi-Keyboard. Sie sind in den üblichen Farben rot und weiß gehalten. Sowohl bei Tastatur als auch Maus gibt aber eine farbliche Variation (schwarz / grau). Die Tastatur an sich sieht recht schnuckelig aus, ist aber wohl nichts für große Hände. Offizielle Tastatur Das offizielle Raspberry Pi Keyboard ist deswegen interessant, weil sie gleichzeitig […] #Maus #osbn #RaspberryPi #ssh #Tastatur #USB-Hub #


 

Endlessh: An SSH Tarpit


March 22, 2019 nullprogram.com/blog/2019/03/22/ I’m a big fan of tarpits: a network service that intentionally inserts delays in its protocol, slowing down clients by forcing them to wait. This…
Article word count: 9

HN Discussion: https://news.ycombinator.com/item?id=19465967
Posted by stargrave (karma: 1913)
Post stats: Points: 202 - Comments: 61 - 2019-03-22T19:22:13Z

#HackerNews #endlessh #ssh #tarpit
Article content:

March 22, 2019

nullprogram.co... show more


 
Le client SSH PuTTY corrige huit failles de sécurité - Next INpact

https://m.nextinpact.com/brief/le-client-ssh-putty-corrige-huit-failles-de-securite-8183.htm

#putty #sécurité #ssh


 
Cómo configurar claves #SSH
Cómo configurar claves SSH
#SSH


 
You're probably right that #xclip doesn't work for remote #ssh connections. I've used ssh but never came across this idea. It would be very cool if there was this functionality built into ssh! What about #ansible; have you used it for running #remote commands on machines. I did a 20 minute tutorial on it about 6 months ago and it was easy to get some remote commands to run. Like intstead of sshing into a machine and running a command you set up a #playbook to run that command and then no need for ssh


 
SSH-Software: Kritische Sicherheitslücken in Putty #Putty #Datensicherheit #EU #SSH #Sicherheitslücke #Server #Applikationen #Internet #Security


 
Une question de #cybersécuritay, les gens : #WebAuthentication https://www.w3.org/TR/webauthn/ c'est pile le même concept que l'authentification par clé publique pour #SSH, non ? Bien sûr, le protocole est différent, mais le concept est le même. Ou alors Web Authentication fait un truc en plus que SSH mais lequel ?


 
One good example why local #DNSSEC validation is useful, #SSH keys in the #DNS. The speaker's example https://dns.bortzmeyer.org/playout.hq.phicoh.net/SSHFP

#FOSDEM


 
In #Germany we have such bad mobile internet connections, you can't even work on a server with #SSH, we are literally the use case for #mosh and #screen on #Linux.


 
All Secure Copy Protocol (SCP) implementations contain 4 security vulnerabilities that allow malicious SCP servers to make changes on the client's side:

https://www.zdnet.com/article/scp-implementations-impacted-by-36-years-old-security-flaws/

– all SCP implementations (OpenSSH, Putty, WinSCP etc.) are affected
– vulnerabilities are there since 1983
– CVE-2018-20685, CVE-2019-6111, CVE-2019-6109, CVE-2019-6110
– at the moment, only WinSCP provides a patch (WinSCP 5.14)

#scp #ssh #openssh #winscp #putty #vulnerability #infosec #cybersecurity #security


 
@veer66
Or #SSH. The thing for which I'd really love to have a hardware keyboard.


 
Instrucciones para que todo el mundo pueda instalar y configurar un cliente y en servidor #SSH en #Windows.
Como instalar y configurar un cliente y un servidor SSH en Windows


 

WTF


Ich habe gerade festgestellt, dass dieses dumme Win10 einen eingbauten SSH Client hat.
Wurde ja auch Zeit...

#win10 #windows #ssh #admin


 
How can I mount a remote folder to a local mount point and make sure the mounting gets "renewed" any time the network connection was restored, i.e. in case of system resume after hibernation or loss of wireless connection?

#Linux #SSH


 

Trial #3/3: success with zfs!


Was finally able to get #zfs on #linux to work on a #virtualmachine as practice. I used this tutorial to get me there. If you want to give this a shot, a word of advice: you actually have to follow these directions very closely (ha!). It also helps to be able to #ssh into your #VM so you can copy/paste using an ssh terminal from the device you are running.

This will be very helpful information for when jb-net.us #server 2.0 is live. ;-)


 
During the last weeks I see lots of abuse mails regarding #ftp and #SSH, it seems there is some people doing #bruteforce attacs on those services via #Tor.

What does that mean? They probably are successful once in a while so there is some idiots without secure passwords!


 

Linux Kernel Updaten und alten Kernel sicher löschen




Als erstes sollte man überprüfen ob es eine neue #Kernelversion für eure #Linux Maschine gibt.
Wenn es einen neuen #Kernel gibt und wen man diese direkt installieren möchte kann man das folgende Kommandoabfolge benutzen und es in der #Shell oder über #SSH als #root durchlaufen lassen.
Anschließend muss man, wenn man gefragt wird, alle Fragen mit „J“ also einem Ja beantworten.
sudo apt-get update && sudo
... show more


 
Please stop sending #abuse mails for #Tor exits when someone tries to #BruteForce your #SSH:
1. Don't use a password unless it is really necessary, otherwise use keys.
2. Do not permit login to standard accounts via SSH.


 
Please stop sending #abuse mails for #Tor exits when someone tries to #BruteForce your #SSH:
1. Don't use a password unless it is really necessary, otherwise use keys.
2. Do not permit login to standard accounts via SSH.


 
Looks like someone left a message during the #SSH #Bruteforce that came in via the #abuse email for one of the #Tor exit nodes:
Authentication failed for user [fuckyoucunts]

This website uses cookies to recognize revisiting and logged in users. You accept the usage of these cookies by continue browsing this website.