[CentOS] what percent of time are there unpatched exploits against default config?
Leonard den Ottolander
leonard at den.ottolander.nl
Sat Dec 31 15:21:18 UTC 2011
Hello Johnny,
On Sat, 2011-12-31 at 08:13 -0600, Johnny Hughes wrote:
> Here are a couple of articles for you to read:
>
> http://www.gtri.gatech.edu/casestudy/Teraflop-Troubles-Power-Graphics-Processing-Units-GPUs-Password-Security-System
>
> http://www.pcpro.co.uk/blogs/2011/06/01/how-a-cheap-graphics-card-could-crack-your-password-in-under-a-second/
> You don't need a botnet of 1000 PCs ... you only need a couple of
> graphics cards.
Please enlighten me how this has any bearing on remotely brute forcing
an SSH login? The number of passwords tried is limited by the daemon,
not the amount of processing power the attacker has available.
The examples you provide require the attacker to have access to the hash
table, f.e. /etc/shadow, which supposedly is not the case if they
haven't been able to login to your system yet.
Regards,
Leonard.
--
mount -t life -o ro /dev/dna /genetic/research
More information about the CentOS
mailing list