Re: what percent of time are there unpatched exploits against default config?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Hello Johnny,

On Sat, 2011-12-31 at 08:13 -0600, Johnny Hughes wrote:
> Here are a couple of articles for you to read:
> 
> http://www.gtri.gatech.edu/casestudy/Teraflop-Troubles-Power-Graphics-Processing-Units-GPUs-Password-Security-System
> 
> http://www.pcpro.co.uk/blogs/2011/06/01/how-a-cheap-graphics-card-could-crack-your-password-in-under-a-second/

> You don't need a botnet of 1000 PCs ... you only need a couple of
> graphics cards.

Please enlighten me how this has any bearing on remotely brute forcing
an SSH login? The number of passwords tried is limited by the daemon,
not the amount of processing power the attacker has available.

The examples you provide require the attacker to have access to the hash
table, f.e. /etc/shadow, which supposedly is not the case if they
haven't been able to login to your system yet.

Regards,
Leonard.

-- 
mount -t life -o ro /dev/dna /genetic/research


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux