570: RegreSSHion Strikes
7 July 2024
We dig into the RegreSSHion bug, debate it's real threat and explore clever tools to build a tasty fried onion around your system.
Episode Links
- đź’Ą Gets Sats Quick and Easy with Strike
- đź“» LINUX Unplugged on Fountain.FM
- Spokane Meetup - No-Li Brewhouse · JB Events on Gathio
- Plasma/Krunner Docs — Brent’s tip: ‘https://search.nixos.org/options?query=\{@}’ (the ‘\{@}’ is the magic sauce)
- autossh — Automatically restart SSH sessions and tunnels
- autossh on GitHub
- Spokane Meetup — No-Li Brewhouse, Sat, Jul 13, 2024, 4:00 PM
- RegreSSHion — Remote Code Execution Vulnerability In OpenSSH Server
- regreSSHion — Remote Unauthenticated Code Execution Vulnerability in OpenSSH server.
- NixOS Security advisory: OpenSSH CVE-2024-6387 “regreSSHion” – update your servers ASAP
- Nasty regreSSHion bug affects around 700K Linux systems
- Qualys CVE-2024-6387 Write-up
- Letmein: Authenticating port knocker - Written in Rust — Letmein is a simple port knocker with a simple and secure authentication mechanism. It can be used to harden against pre-authentication attacks on services like SSH, VPN, IMAP and many more.
- fwknop: Single Packet Authorization > Port Knocking — fwknop stands for the “FireWall KNock OPerator”, and implements an authorization scheme called Single Packet Authorization (SPA). This method of authorization is based around a default-drop packet filter
- Membership Summer Discount — Take $1 a month of your membership for a lifetime!
- Jeff links: How to run non-nix executables?
- pick: stu — TUI (Terminal/Text UI) application for AWS S3