one plus one
Shared publicly•View activity
- Not sure I can agree with that, my concerns were primarily at the ease at which ssh clients are/have been modified without anybody noticing. I was under the obviously mistaken assumption that critical systems like this would have been protected by a decent intrusion detection system which surely would retain decent checksums of critical applications and libraries.Sep 1, 2011
- I suppose it comes down to the simple question - do you run a secure box yourself. The answer is almost certainly no, hence at least one avenue for ingress.
While I can pretty much vouch for my own equipment, I cannot say the same for site machines where boxes are not kept under physical lock and key until my arrival - and as time = money - I can't really spend the time every visit to basically perform a full system check against a known good source.Sep 1, 2011