On Thu, Dec 13, 2018 at 10:02:45AM +0100, Otto Moerbeek wrote: > On Thu, Dec 13, 2018 at 09:50:31AM +0100, Florian Obser wrote: > > > On Thu, Dec 13, 2018 at 09:25:25AM +0100, Kollar Arpad wrote: > > > Any creative hints to defend against these kind of threats? > > > > Your system has been compromised. The attacker is able to replace > > binaries, you have lost. If your package manager can still tell you > > that the sshd binary has been replaced that only means that you are > > dealing with an incompetent attacker. > > > > Throw the computer away. Get a new one. Install from scratch, restore > > data (and only data!) from backup. > > This assumes you can tell the difference between data and code. > > It's a rather fundamental thing that you cannot tell the difference > between data and code. > > Data read by a program is interpreted in some way. That's a form of execution. >
True. Some people just pick up black smithing. I think they are on to something... > -Otto > > -- I'm not entirely sure you are real.
