Content provided by Jupiter Broadcasting. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by Jupiter Broadcasting or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here: https://ms.player.fm/legal.
570: RegreSSHion Strikes
We dig into the RegreSSHion bug, debate its real threat and explore clever tools to build a tasty fried onion around your system.
Sponsored By:
- Core Contributor Membership: Take $1 a month of your membership for a lifetime!
- Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices!
- 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.
Links:
- 💥 Gets Sats Quick and Easy with Strike
- 📻 LINUX Unplugged on Fountain.FM
- Spokane Meetup - No-Li Brewhouse · JB Events on Gathio
- Plasma/Krunner Docs — Brent's tip: 'https://search.nixos.org/options?query=\{@}' (the '\{@}' is the magic sauce)
- autossh — Automatically restart SSH sessions and tunnels
- autossh on GitHub
- Spokane Meetup — No-Li Brewhouse, Sat, Jul 13, 2024, 4:00 PM
- RegreSSHion — Remote Code Execution Vulnerability In OpenSSH Server
- regreSSHion — Remote Unauthenticated Code Execution Vulnerability in OpenSSH server.
- NixOS Security advisory: OpenSSH CVE-2024-6387 “regreSSHion” – update your servers ASAP
- Nasty regreSSHion bug affects around 700K Linux systems
- Qualys CVE-2024-6387 Write-up
- Letmein: Authenticating port knocker - Written in Rust — Letmein is a simple port knocker with a simple and secure authentication mechanism. It can be used to harden against pre-authentication attacks on services like SSH, VPN, IMAP and many more.
- fwknop: Single Packet Authorization > Port Knocking — fwknop stands for the "FireWall KNock OPerator", and implements an authorization scheme called Single Packet Authorization (SPA). This method of authorization is based around a default-drop packet filter
- Membership Summer Discount — Take $1 a month of your membership for a lifetime!
- Jeff links: How to run non-nix executables?
- pick: stu — TUI (Terminal/Text UI) application for AWS S3