I'll skip that honor. I am aware of things like SSH brute force attacks (I do have a iptables throttle on that that limits attempts to a couple of tries), but I make no claim to really know the ins and outs of SSH. So, you are basically saying there is NO secure way to ever connect to a machine remotely? That's rather depressing. So it's more of a hope that someone who knows what they are doing will never target you specifically. Phil W. On Sat, Apr 20, 2013 at 1:32 AM, Lisa Kachold wrote: > Your key is as sècure as the version of SSL/SSH. Îf you lèave password > SSH login via. Pam.d ènabled, you will be targeted by more than DefCon's > hackers! The mere fact that you have SSH turned ôn indicàtes you do not > understand the risks. Your passwords most probably fail to be adequately > complex? What's your router IP; we will make you a flag at the next > hackfest? > On Apr 19, 2013 11:52 PM, "Phil Waclawski" > wrote: > >> Well, I'm attending it in the hopes of learning about how some of these >> attacks work, and how to defend against them. Helps me teach my students >> better practices (and myself as well). >> >> To be honest, I had planned on having an old laptop with a brand new >> kubuntu install on it (no data I care about) and just doing some blender >> work and note taking offline, and never connecting it to a network while at >> the convention. >> >> However, I'm curious, if I set up an ssh tunnel to a server I've already >> established a Key system with, wouldn't ssh throw up a huge warning from a >> man in the middle attack not having the right "handshake"? At that point >> I'd only be hosed if I was dumb enough to say "connect anyway"?. >> >> Phil W. >> >> >> On Fri, Apr 19, 2013 at 10:30 PM, der.hans wrote: >> >>> Am 19. Apr, 2013 schwätzte Alan Dayley so: >>> >>> moin moin Alan, >>> >>> >>> Why in the world would anyone actually attend a conference where you >>>> KNOW >>>> people are going to attack your electronics and data? Erasing everyone's >>>> >>> >>> It's in the city where people pay to let someone steal from them, so it >>> fits the theme. >>> >>> http://www.newyorker.com/**online/blogs/culture/2013/01/** >>> video-the-art-of-**pickpocketing.html >>> >>> >>> credit cards? For the lulz, I guess. It sounds like a bunch of very >>>> smart >>>> trolls getting together to see who can out-troll who. I would just >>>> be collateral damage in such a group. I guess it's an effective way to >>>> keep >>>> the non-trolls and newbies out of the "defcon club." Or maybe it is a >>>> from >>>> of hazing. >>>> >>>> And, if I HAD to go, cash, pen and paper is all I would bring. >>>> >>> >>> Make sure to keep them somewhere safe ;-). >>> >>> ciao, >>> >>> der.hans >>> -- >>> # http://www.LuftHans.com/ http://www.LuftHans.com/**Classes/ >>> # Like the maid, I don't do (M$)Windows. - der.hans >>> --------------------------------------------------- >>> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >>> To subscribe, unsubscribe, or to change your mail settings: >>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss >>> >> >> >> --------------------------------------------------- >> PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org >> To subscribe, unsubscribe, or to change your mail settings: >> http://lists.phxlinux.org/mailman/listinfo/plug-discuss >> > > --------------------------------------------------- > PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org > To subscribe, unsubscribe, or to change your mail settings: > http://lists.phxlinux.org/mailman/listinfo/plug-discuss >