RegreSSHion Strikes | LINUX Unplugged 570
We dig into the RegreSSHion bug, debate it's real threat and explore clever tools to build a tasty fried onion around your system.Sponsored By:Core Contributor Membership: Take $1 a month of your…
All Jupiter Broadcasting Shows
July 7, 2024
Audio is streamed directly from the publisher (feed.jupiter.zone) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
We dig into the RegreSSHion bug, debate it's real threat and explore clever tools to build a tasty fried onion around your system.
Sponsored By:
- Core Contributor Membership: Take $1 a month of your membership for a lifetime!
- Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices!
- 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.
Links:
- 💥 Gets Sats Quick and Easy with Strike
- 📻 LINUX Unplugged on Fountain.FM
- Spokane Meetup - No-Li Brewhouse · JB Events on Gathio
- Plasma/Krunner Docs — Brent's tip: 'https://search.nixos.org/options?query={@}' (the '{@}' is the magic sauce)
- autossh — Automatically restart SSH sessions and tunnels
- autossh on GitHub
- Spokane Meetup — No-Li Brewhouse, Sat, Jul 13, 2024, 4:00 PM
- RegreSSHion — Remote Code Execution Vulnerability In OpenSSH Server
- regreSSHion — Remote Unauthenticated Code Execution Vulnerability in OpenSSH server.
- NixOS Security advisory: OpenSSH CVE-2024-6387 “regreSSHion” – update your servers ASAP
- Nasty regreSSHion bug affects around 700K Linux systems
- Qualys CVE-2024-6387 Write-up
- Letmein: Authenticating port knocker - Written in Rust — Letmein is a simple port knocker with a simple and secure authentication mechanism. It can be used to harden against pre-authentication attacks on services like SSH, VPN, IMAP and many more.
- fwknop: Single Packet Authorization > Port Knocking — fwknop stands for the "FireWall KNock OPerator", and implements an authorization scheme called Single Packet Authorization (SPA). This method of authorization is based around a default-drop packet filter
- Membership Summer Discount — Take $1 a month of your membership for a lifetime!
- Jeff links: How to run non-nix executables?
- pick: stu — TUI (Terminal/Text UI) application for AWS S3
Topics
Jupiter BroadcastingAll Shows