Home > General > Using Putty for remote ssh – maybe you should check it…

Using Putty for remote ssh – maybe you should check it…

May 21, 2015 Leave a comment Go to comments

Symantec has reported that there is a rogue version of putty.exe (a remote connection tool used by many techs to connect over ssh, serial ports, etc.) This version is designed to send a specific User Agent when connecting ‘home’ so you could use something like snort to make sure no people are using the rogue version. See more about this report from Symantec – here (http://www.symantec.com/connect/blogs/check-your-sources-trojanized-open-source-ssh-software-used-steal-information).

(Ed. This has been maintstream in ‘free’ versions of mobile software and it works so well attackers are resorting to computer users although I would have thought targeting techs may not have been such a good idea but without the proper monitoring and management equipment, this type of activity will go unnoticed by a lot of sysadmins)

Categories: General
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: